HomeContactSite MapPrivacy Policy
         
CompanyProfessional ServicesEducationSoftwareResources
Overview
Incident Response
Computer Forensics
Litigation Support
Application Security
Network Security
Research & Development
Threat Identification Program
Services by Industry
 
 

Network Security Case Studies

Internal Penetration Testing for Manufacturing Company

For a leading consumer products manufacturing company, MANDIANT was asked to perform an internal penetration test from the perspective of an angry employee. We were given a basic user account, plugged into the internal network, and told to perform vertical privilege elevation and to determine what sensitive information we could gather. After discovering a number of vulnerabilities, we chose one to exploit; stole password hashes; cracked those passwords and impersonated the cracked user accounts to raise our privilege level. We also used those hacked accounts to discover sensitive information, such as bank account numbers and other sensitive financial data. At the end of the engagement, we left the client with a report detailing the vulnerabilities we had discovered, as well as a list of suggested of remediation.

 

Network Security Practice Description