Shinobi IT was engaged by a financial management and accounting firm who maintains multiple offices in the Puget Sound region and specializes in tax planning, investment, retirement and estates. The firm maintains a significant amount of personally identifying information for clients and their families including tax records, social security numbers and access to investment accounts.
The client requested an assessment of their infrastructure and readiness as it pertained to network security inside their defensive perimeter. Shinobi IT performed a defensive blue team assessment of the infrastructure and provided a 30-page report of our findings:
–Intranet Site Issue: Shinobi IT uncovered a vulnerability on the company’s intranet site which would allow outside attackers to gain access to sensitive company information while also providing not only an ideal staging ground for targeted spear phishing and social engineering attacks, but potential remote access to the corporate network.
–SMB Access Issue: The client’s network shares were configured in such a way that allowed anyone to access protected administrative shares resulting in a situation where several key companies servers could be easily compromised by any party with network access.
–Network Vulnerability Scan: Shinobi IT performed a comprehensive vulnerability scan of all hosts on the network. This scan resulted in the detection and remediation of a significant number of vulnerabilities on multiple hosts.
–Malicious Traffic: Multiple tests were performed to verify the customer’s ability to detect malicious traffic both on the network and outbound from the network. This testing identified major gaps in the client’s ability to detect such traffic.
After testing on this network was completed, Shinobi IT provided the client with an actionable roadmap to remediate all findings. The client’s in-house team was able to complete this roadmap successfully and Shinobi IT was available to verify the improvements.