Challenge
A European insurance provider wanted to test their internal security controls against an insider threat or compromised employee scenario. Traditional perimeter-focused penetration tests had given them confidence in their external defenses, but they had limited visibility into how an attacker would move laterally once inside the network.
Approach
Crimson7 conducted an assumed breach red team engagement:
- Started from a simulated compromised workstation in the claims processing department
- Performed internal reconnaissance and privilege escalation
- Targeted policyholder data stores and claims processing systems
- Tested network segmentation between business units and data classification zones
Results
The red team accessed policyholder PII within 48 hours of starting from the assumed breach position. Eight network segmentation failures were identified between business units that should have been isolated. The client remediated all critical findings within 6 weeks, and a follow-up validation test confirmed the fixes were effective.