Client Assessment Summary: Continous cloud application assessment for a fintech firm.
The client is a fintech giant with 5000+ users, the client wanted us to perform an engagement on their AWS cloud-based web application for 5-man days as the application was in beta testing. Within the first 5 minutes of testing our consultant was able to identify the temporary access credentials for the existing logged-in temporary test user. This credential is then used to gain an initial foothold on the AWS infrastructure, we then were able to gain access to the client’s S3 buckets where we found numerous SQL database dumps and a backup of AWS accounts with tokens. We would have taken over the client’s AWS instance as a super-admin but due to policies of operations with the client, we report the critical findings to the client as soon as identified.
Being a red team, we take a lot of notes and as we knew this is a continuous assessment for the client, we were able to directly gain access to the super-admin account as the access tokens from previous engagements were not revoked by the client.
Proactive and iterative security is a must because if these tokens were somehow accessed by an adversary, it would incur a hefty financial loss to the client.
The reason we were able to identify such vulnerabilities in the client's assets is due to our custom methodology of security operations at the Bluefire Redteam. With this new operations model, we come out as an effective and efficient security vendor.
If you're interested in our services, please book a meeting with us to discuss how we can help you achieve your goals. Our team is ready and eager to work with you to develop a customized solution that meets your specific needs.