Engagement #4892 — Everstone Financial
ALL CLEAR
2 ROUTES CLOSED
NEXT CHECK 14 JUL 2026
SCOPE: EXTERNAL + INTERNAL + CLOUD · STARTED 18 JUN 2026 · WRITTEN ALL-CLEAR ISSUED 30 JUN 2026
Assets discovered
1,284
18,402 relationships graphed
Entry points
44
internet-facing
Confirmed attack routes
2
both closed and re-test verified
Fixes verified
3/3
one afternoon of changes
Exposure over time · risk index
18–30 JUN 2026
Attack surface
44 ENTRY POINTS
Route R-01 · Credential chain
CRITICAL
Reused service password
→
Stale access rule
→
Forgotten file share
→
Domain admin
EXPOSURE: FINANCE SYSTEMS
CLOSED · RE-TEST VERIFIED 26–29 JUN 2026
Route R-02 · API bypass
CRITICAL
Public website
→
Internal API accepts reused service credentials
→
Service account
→
Customer records
EXPOSURE: CUSTOMER RECORDS
CLOSED · RE-TEST VERIFIED 29 JUN 2026
Remediation · ranked fix list
3 CHANGES · ONE AFTERNOON OF WORK
| ID | Fix | Closes | Verified | Evidence |
|---|---|---|---|---|
| FX-1 | Rotate and vault the shared service-account credential | R-01 STEP 1 · R-02 AUTH | ✓ 26 JUN 2026 | 21 STEPS |
| FX-2 | Remove the stale firewall access rule | R-01 STEP 2 | ✓ 26 JUN 2026 | 13 STEPS |
| FX-3 | Decommission the forgotten file share | R-01 STEP 3 | ✓ 29 JUN 2026 | 14 STEPS |
| 48 EVIDENCE STEPS · 14-PAGE REPORT · DOWNLOAD DISABLED IN DEMO | ||||
Activity · engagement timeline
18 JUN▸ start engagement #4892 opened — external + internal + cloud
19 JUN▸ recon 44 internet-facing entry points mapped
20 JUN▸ graph 1,284 assets and accounts · 18,402-edge relationship graph
21 JUN▸ route R-01 credential chain proven — reaches domain admin
22 JUN▸ route R-02 API bypass proven — reaches customer records
24 JUN▸ read-out findings presented · ranked fix list delivered
26 JUN▸ verified FX-1, FX-2 re-tested — closed
29 JUN▸ verified FX-3 re-tested — closed
30 JUN▸ all clear written all-clear issued
14 JUL▸ next next scheduled re-check 14 JUL 2026
ENGAGEMENT #4892 · 12 DAYS START TO ALL-CLEAR
STATUS: CLOSED · VERIFIED