Reeling after a data breach, a soon-to-be client had been taken by surprise when a threat actor exploited a network access point they didn’t know about. The client wanted a penetration test to make sure there were no other unmanaged access points.
The Second Renaissance team was able to perform a comprehensive penetration test with less than a month’s notice. While we didn’t find unmanaged access points in their networks, we did identify a slew of ways to exploit their existing attack surface, as well as ways to access their customer records via their database APIs.