Get in touch
Manufacturing · FMCG

Pentest for a world's leading brewer

Decade-long penetration testing programme for one of the world's leading brewery groups.

Industry
Brewing & beverages
Engagement
External · Internal · Wi-Fi · Social
Approach
Blackbox · Graybox
Duration
10+ year partnership

Carlsberg Group is one of the leading brewery groups worldwide. Over 40,000 people work for Carlsberg, and its products are sold in more than 150 markets worldwide.

Carlsberg Ukraine includes breweries in Kyiv, Zaporizhzhia and Lviv. The portfolio includes beer, alcoholic and non-alcoholic beverages of brands like Lvivske, Robert Doms, Carlsberg, Tuborg, Kronenbourg 1664, Arsenal, Kvas Taras, Somersby, Guinness, Seth&Riley's Garage, Warsteiner, Grimbergen.

Firstly, for prevention purposes, and secondly, to comply with the parent company's requirements and internal cybersecurity policies.

Since the initial development of corporate IT decades ago, Carlsberg has continuously invested in protecting its IT infrastructure, including through independent and regular pentesting.

XRAY CyberSecurity has conducted many penetration testing assessments over a 10-year business relationship, including External Pentest, Internal Pentest, Wi-Fi Pentest, and Social Engineering.

Pentests were carried out against a variety of IT systems located in different customer locations and modeling different attackers, including Blackbox and Graybox tests.

External pentestInternal pentestWi-Fi pentestSocial engineeringBlackboxGraybox

Our pentesting methodology is based on leading standards — PTES, NIST SP 800-115, OSSTMM, OWASP — and improved by our own 15 years of experience.

PTESNIST SP 800-115OSSTMMOWASP

During pentesting, a full set of common pentester tools was used — but the main key to success was manual analysis: interconnecting individual vulnerability exploitation results to escalate privileges and demonstrate practical IT-infrastructure compromise.

Based on each penetration testing project's results, in addition to the Technical and Executive reports, an Action plan was developed with the customer's team to prioritize tasks to improve protection level, considering the company's available human and financial resources.

The final re-tests confirmed the quality and timeliness of implemented vulnerability fixes.

More case studies

View all
Insurance · Finance

Colonnade

External, cloud and wireless assessment for a Luxembourg-based non-life insurance company.

Read case study
Healthcare

St. Paraskeva Medical Center

IT infrastructure, management and cybersecurity audit for a leading Ukrainian healthcare provider.

Read case study
Manufacturing · FMCG

Danone

Multiple penetration testing engagements for a global food & beverage company operating in 120+ markets.

Read case study
Move forward with confidence

Have a similar
challenge in mind?

We'll scope a senior-led penetration test against your specific environment — and deliver Technical, Executive and Action-plan reports that translate findings into business decisions.

  • Reply within one business day
  • NDA on request — no obligation
  • Speak directly with our Head of OffSec
  • Tailored scope & clear pricing

Tell us about your project

We'll get back within one business day.