Internal infrastructure penetration test
Determination of the security of the internal network by performing an infrastructure penetration test and recommendations for server hardening measures.
An insurer handles sensitive information. To protect this data, the security of the internal IT infrastructure was assessed with a penetration test. Furthermore, specific servers have been hardened to provide additional security against attacks.
The corporate network was examined locally. The penetration test was performed without any credentials, to achieve a realistic security evaluation of the network. Subsequently, system hardening was performed for critical servers.
The added value for the customer
It was possible to show the customer how a number of vulnerabilities could be combined to escalate the access without any credentials to full access as the domains administrator. To impede such attacks, critical systems were hardened appropriately.