Adversary Emulation with APT Scenario for one of the largest insurances in Asia

  • Theos

Customer’s profile:

One of the largest insurance company in Asia, 6000 employees and agents 10 countries in Asia. The company offers life and medical insurance, general insurance, employees benefits. 

Customer’s challenge:

  • Annual exercise to assess the cyber resilience of a specific business unit​
  • Regulatory requirement to conduct at least one red team exercise per year​
  • Strategy of continuous security improvement based on rotating assessments

Solution delivered:

  • Theos conducted an end-to-end Advanced Persistent Threat scenario with no initial knowledge of the target users, assets and infrastructure​
  • The objective of the exercise was the identification and exfiltration of sensitive information, with a focus on customer data​
  • The exercise was successful in that the objective was met within the timeline and boundaries set under the agreed rules of engagement

Values delivered to the customer:

  • Actionable insights into the successful attack vectors leveraged during the exercise with recommendations around policies, systems and processes​
  • Re-run of the successful TTPs once the remediation had been implemented​
  • Successfully met regulatory requirements

Go Back to Theos Labs