Case Study

Strobes Red Team Discovers Critical Flaws in a $3.7B Financial Firm’s External Infrastructure

Operating with a cloud-first approach, the firm relied heavily on AWS and public-facing critical applications to support its operations. Despite its robust infrastructure, gaps in credential management and user account monitoring left the organization vulnerable to potential breaches.

  • Comprehensive Credential Management: Strengthen password policies, credential storage, and account access protocols to prevent unauthorized access and brute-force attacks.
  • Multi-Factor Authentication (MFA): Enforce MFA across all critical applications, especially those managing sensitive employee or customer data, to add an essential layer of security against unauthorized access.
  • User Account Monitoring and Anomaly Detection: Implement active monitoring of user account activity, with automated alerts for anomalous login attempts, privilege escalation, and suspicious access patterns.
  • Vulnerability Assessment and Management: Regularly conduct vulnerability assessments and establish a streamlined patch management process to address emerging threats quickly and effectively.
  • Data Protection for SSO Portals: Enhance security protocols for single sign-on (SSO) portals to safeguard employee training platforms and internal applications from unauthorized access or data breaches.

  • Ability to fetch or alter confidential documents related to HRMS for 65K+ users
  • Access to various other portals through the SSO login feature
  • Control over a critical banking field related to the financial service provider’s organization
  • Visibility into sensitive HR data and multiple sets of email notifications
  • Full administrative access to the bank’s AWS environment during the engagement
  • Uncovered key vulnerabilities that arose from weak credential management and insufficient user monitoring.
  • Provided actionable recommendations, including enforcing MFA, strengthening credential policies, and improving hybrid environment integration.
  • Enabled the bank to enhance its security posture, reducing the likelihood of future breaches.
