Looking for software development? We've movedGrassFed.dev

Credential and Network Exposure Review

Layered testing gave an accounting firm a clear plan to strengthen employee readiness and reduce internal network risk.

Credential and Network Exposure Review

Industries

Accounting

Services

Security Awareness Testing,
Vulnerability Assessment,
Penetration Testing

About the project

An accounting firm wanted an independent view of how well its employees, email defenses, and internal network would stand up to common attacks. The stakes included client confidentiality, access to financial records, and the disruption that could follow a compromised account or unpatched system.

Vigilus combined repeated phishing simulations and credentialed vulnerability scans with an assumed-breach penetration test. The goal was to measure real behavior, validate technical controls, and turn the findings into practical priorities for the firm and its IT team.

What we did

  • We ran multiple phishing simulations that tested both email filtering and employee response. In the first round, no one clicked or submitted credentials, but the messages were not reported. A later, more targeted simulation led to visits to the test page and a credential submission, showing that reporting procedures and awareness training needed more attention.
  • Credentialed vulnerability scans checked the firm’s internal network against current security guidance. Across the assessments, we found outdated or unsupported software, weak service settings, and missing safeguards. We ranked the highest-impact issues and provided practical steps for patching systems, hardening network services, and reducing avoidable exposure.
  • An assumed-breach penetration test started with standard remote user access to show what a compromised employee account could reach. We tested common credential attacks, privilege paths, and ways to move between systems. The work uncovered weak account lockout settings, broad administrator access, default device passwords, and a file-sharing protection gap. The password attacks did not recover any account credentials.
  • During testing, we identified unusual sign-in activity that could have reflected an active attack or a misconfigured service. We alerted the client and paused further testing so the activity could be investigated without added noise. The final guidance called for stronger monitoring, account lockout controls, and a clear path for escalating suspicious events.
  • A later assessment showed that patching and configuration issues remained, so we delivered an updated fix list. Together, the engagements gave the firm a repeatable way to test people and systems, track recurring weaknesses, and focus IT effort on the highest-impact findings.

Technologies Used

Tenable IO

Tenable IO

N map logo

N map

Metasploit logo

Metasploit

Powershell

Powershell

Microsoft Active Directory logo

Microsoft Active Directory

NIST

NIST

OWASP

OWASP

Browse more projects

Connected Vessel Risk Review

Connected Vessel Risk Review

Account-to-Server Takeover Test

Account-to-Server Takeover Test

Contact Us