Client Background
Zeppelin creates powerful solutions in the areas of construction and mining machinery (e.g. CAT/Caterpillar dealer), agricultural machinery, rental, construction logistics and construction site management, drive and energy, engineering, and plant construction. They also develop new digital business models for the construction industry.
Zeppelin Group operates in 220 branches worldwide with over 10,000 employees and net sales of 3.9 billion EUR in fiscal 2023.
What triggered the project launch
The need for external expertise on an ongoing basis to ensure uninterrupted operation of the corporate network infrastructure and a high level of protection against cyber threats.
Solution
A long-term engagement was launched with periodic assessments of different cyber threat types.
Blackbox, Greybox, and Whitebox penetration testing was regularly performed against the external network, internal network, and wireless infrastructure.
Methodologies
Our pentesting methodology is based on leading standards like NIST SP 800-115, PTES, OSSTMM, OWASP and improved by our own 15 years of experience.
Tools used
During pentesting, a full set of common pentester tools was used, but the main key to success was manual analysis, interconnecting individual vulnerabilities exploitation results to escalate privileges and demonstrate practical IT-infrastructure compromise.
Results
The comprehensive and continuous penetration testing of Zeppelin provided an in-depth assessment, identifying vulnerabilities and practical attack vectors, demonstrating potential damage.
The results at each stage allowed information about vulnerabilities to be instantly transmitted to engineers maintaining the network infrastructure for priority remediation. Subsequent re-testing was continuously conducted, thereby providing a high level of protection against cyber threats.
