Our client, recognized for extensive financial services, is a well-established and highly regarded institution. The bank has evolved into a major player in the financial sector, operating a vast network of over 1,400 branches across the region, and providing a wide array of financial services to both individuals and businesses. In addition to its traditional services, the bank has a robust digital banking platform that facilitates convenient and secure transactions.
However, recognizing the need for an external perspective on their internal infrastructure and Security Operations Center (SOC) efficiency, the client sought our expertise. This pre-emptive assessment was crucial to evaluate their readiness for a potential security breach, particularly concerning the compromise of low-privileged user accounts.
In a proactive measure to fortify their security measures, our client opted to engage with Ebryx. Their decision to choose us was driven by trust in our cybersecurity expertise, recognizing our ability to provide an impartial and comprehensive evaluation of their security posture, a task their in-house team might not have been able to achieve with the same level of objectivity.
Our clients selected our Red Teaming services due to our thorough assessments and transparent reporting, which offer actionable insights. Furthermore, our team’s expertise, backed by certifications such as Certified Ethical Hacker (CEH) and Certified Information Systems Security Professional (CISSP), equipped them effectively address a diverse spectrum of security concerns.
Our task was to conduct a thorough evaluation of our client’s internal infrastructure and SOC efficiency. This encompassed a Red Teaming operation designed to mimic real-world breach scenarios, identifying vulnerabilities and assessing the bank’s preparedness to respond appropriately.
During the Red Teaming operation, we discovered several significant security challenges that had eluded our client’s in-house teams. These included the compromise of over 600 computers with local admin rights due to misconfigured EDR exclusions. Our Red Team also identified the abuse of open shares, which allowed us to capture NTLM hashes. The end result was data exposure, which included confidential files and service credentials. Furthermore, we pointed out the presence of outdated operating systems within the bank’s infrastructure, a potential security risk.
To gain insights into the bank’s response capabilities during a breach scenario, we developed strategies to bypass the EDR, ultimately achieving command and control access on compromised systems.
The outcomes of our Red Teaming engagement were substantial. We successfully addressed the misconfigurations, reducing the risk of unauthorized access. We secured open shares, preventing further data leakage and data exposure of confidential files and service credentials. A strategic plan was developed to address the issues related to outdated operating systems, which significantly improved the bank’s overall security posture.
Additionally, our strategies to bypass the EDR provided critical insights into the bank’s response capacity during a breach setup, including the establishment of command-and-control access on compromised systems. This comprehensive assessment allowed the bank to fortify its security posture and readiness to respond to breaches, ensuring the safety and security of their operations.
In conclusion, through our comprehensive Red Teaming operation, our client significantly enhanced its security and response capabilities, ensuring they would be well-prepared to tackle potential security challenges in the future
GET IN TOUCH!
info@ebryx.com
+1 603-912-5385
389 Main Street, Unit 5
Salem, NH 03079
