The Trigger
A MAS Technology Risk Management regulatory requirement for threat-led penetration testing. The institution needed an intelligence-led red team engagement aligned to MAS TRM standards, with findings documented to the standard that MAS examination requires.
The Environment
A MAS-regulated financial services institution operating in Singapore. Internal security function with existing controls. The red team engagement was required to satisfy a specific MAS TRM obligation, not as a discretionary exercise.
The Theos Approach
Threat Intelligence Phase
Theos developed an institution-specific threat profile prior to testing. Intelligence gathering focused on the threat actors most likely to target financial services institutions in Singapore, the attack patterns they use, and the specific vulnerabilities most relevant to the client’s sector and technology environment. Attack scenarios were built around this profile, not a generic red team playbook.
Red Team Execution
A full-scope, multi-vector red team engagement executed against the live environment. Testing covered external perimeter, internal network, identity and access management, cloud environments, and social engineering. Theos practitioners operated with the tradecraft patterns used by the threat actors identified in the intelligence phase.
Regulatory Documentation
Findings were documented to the standard that MAS TRM examination requires. The report was structured for direct submission to MAS, including threat intelligence, attack scenarios, findings by risk rating, and remediation recommendations. The documentation was built to the submission standard from the first day of the engagement.
"The engagement identified gaps our existing programme had not surfaced. The findings went directly into our regulatory submission and the gaps have since been remediated."