Careers Search

Background

A major European telecommunications and IT services provider commissioned our team to conduct five penetration tests in April 2025, including a complex engagement of critical strategic importance.

The company intended to launch a new platform built on modern cloud infrastructure to centralise all business analytics. This platform will process and store highly sensitive data, including call detail records and retail transaction histories.

Use case 1: Testing a new data analytics platform

Security was paramount due to the platform’s critical role and the nature of the data it would handle, and the company was committed to securing its strategic digital assets before the platform’s launch.

A comprehensive testing process was planned, shared between multiple security providers.

Reflecting the company’s trust in us, our highly experienced penetration testing team was chosen to assess the most complex and high-risk components, including authentication flows, data pipelines, and role-based access controls.

Use case 2: Remote support system vulnerability discovery

While carrying out what was expected to be a routine security assessment on a platform used by call centre agents to provide remote technical support, our penetration testing team quickly revealed a high-risk, zero-day vulnerability within an hour, in a widely deployed third-party product.

The software in question is produced by a well-known security vendor, increasing the significance of the finding. The vulnerability was discovered within hours of testing, immediately disclosed to the software provider, and remediation efforts are now underway.

This discovery highlights the importance of third-party risk assessments, even for systems built by security-focused vendors. Our testing team is currently applying for a CVE (Common Vulnerabilities and Exposures) listing to ensure the issue is properly documented and recognised.

Outcomes and impact

  • Critical asset protection: Security was prioritised early in the platform development lifecycle.
  • Rapid detection: A severe vulnerability was identified within hours, potentially preventing a broader, more significant adverse impact.
  • Industry contribution: By pursuing a CVE, our team contributes to broader cyber security awareness and transparency.

Conclusion

These engagements highlight how penetration testing can uncover critical risks, validate system resilience and improve the security posture of core platforms. Expert-led testing remains essential in today’s complex digital environments, especially when timelines are tight and systems are critical.

Penetration testing

Powering your standard security testing with results within 24 hours.

Find out more

Strengthening Your Digital Barriers:

The Vital Importance of Regular Pen Testing and Vulnerability Scanning

Read more

Our Accreditations and Certifications

Crest Accreditation Resillion
Check Penetration Testing
RvA L690 Accreditation
ISO 27001
ISO 9001 Resillion
CCV Cyber Pentest
Cyber Essentials
CE+assessor

Contact Us