Case Study | Financial Services

Strobes Red Team Discovers Critical Flaws in a $3.7B Financial Firm's External Infrastructure

Strobes Red Team gained access to confidential HRMS documents for 65K+ users and critical banking systems through credential-based attacks and SSO exploitation.

  • 65K+ user records exposed
  • 1,108+ domains discovered
  • 15K+ ports enumerated
  • $3.76B company revenue

The Objective

Assess Real-World Resilience of External Infrastructure

The client sought a Red Team assessment to evaluate vulnerabilities in their cloud environment, test the security of credentials and sensitive data, assess real-time threat detection and response, and evaluate defenses against privilege escalation and social engineering.

  • Comprehensive credential management — strengthen password policies, credential storage, and account access protocols
  • Multi-Factor Authentication enforcement across all critical applications managing sensitive data
  • User account monitoring and anomaly detection with automated alerts for suspicious access patterns
  • Data protection for SSO portals safeguarding internal applications from unauthorized access

The Methodology

Structured Reconnaissance to Exploitation

Strobes Security utilized a structured approach involving reconnaissance, credential extraction, privilege escalation, and establishing persistence within compromised applications.

1. Reconnaissance & Information Gathering

Discovered 1,108+ domains, 2,000+ IP addresses, 400+ unique services, and 15K+ ports, mapping the full external attack surface.

2. Credential-Based Attack

Performed password spraying against ADFS portals using discovered and leaked credentials. This gained account access to an HRMS manager-level dashboard and to cross-platform SSO portals.

3. Internal Application Enumeration

Exploited authorization-level flaws in third-party HRMS software. Successfully extracted confidential HRMS documents for 65K+ users, a massive data breach scenario.

The journey from initial access to full compromise reveals that security isn't just about strong controls — it's about how these controls work together across hybrid environments.

Findings & Impact

The assessment revealed severe operational vulnerabilities representing not just technical weaknesses, but potential business operation disruption points.

HRMS Data for 65K+ Users

Ability to fetch or alter confidential HRMS documents including payroll, HR records, and PII for over 65,000 users.

Cross-Platform SSO Access

Single compromised credential enabled access to multiple internal portals through SSO, expanding the blast radius.

Critical Banking System Control

Gained control over critical banking fields related to the financial service provider's core organization.

Sensitive HR Data Visibility

Full visibility into employee data and email notification systems, risking identity theft and compliance violations.
