Pentest for largest diamond tools manufacturer
Infrastructure penetration testing and phishing simulations for a Ukrainian-Italian diamond tools manufacturer serving 55+ countries.
The largest manufacturer of diamond tools in Eastern Europe. Distar is a joint Ukrainian-Italian company. Tens of thousands of craftsmen in more than 55 countries use Distar tools every day.
Distar recognised the need to enhance their cybersecurity posture and to fulfil compliance requirements. The primary objective was to evaluate the security of their IT resources through infrastructure penetration testing and social engineering.
Additionally, the client sought to implement effective cybersecurity measures to raise network protection and to raise awareness around social engineering attacks.
The scope included penetration testing the perimeter of information systems accessible from outside — websites, online stores, mail domains and other services. Social engineering testing involved phishing email scenarios targeting employees.
Our pentesting methodology is based on leading standards — NIST SP 800-115, PTES, OSSTMM, OWASP — and improved by our own 15 years of experience.
During pentesting, a full set of common pentester tools was used — but the main key to success was manual analysis: interconnecting individual vulnerability exploitation results to escalate privileges and demonstrate practical IT-infrastructure compromise.
The penetration testing was conducted in phases, with results monitored and recorded at each stage. Constant communication and discussions were maintained throughout the project, ensuring timely completion.
The client received insights into vulnerabilities, potential attack vectors, and areas for improvement, along with actionable recommendations to address security gaps, implement robust measures, and enhance employee awareness.
External compliance requirements were also met.
More case studies
View allLAPP
Web application pentest across Blackbox, Graybox and Whitebox approaches for a global cable leader.
Read case studyCarlsberg
A decade of pentesting partnership with one of the world's leading brewery groups.
Read case studyZeppelin
Long-term recurring Blackbox/Greybox/Whitebox pentesting across external, internal and wireless networks.
Read case studyHave a similar
challenge in mind?
We'll scope a senior-led penetration test against your specific environment — and deliver Technical, Executive and Action-plan reports that translate findings into business decisions.
- Reply within one business day
- NDA on request — no obligation
- Speak directly with our Head of OffSec
- Tailored scope & clear pricing