Case studies

The platform and the people, proven.

How OSec shows up across finance, retail, media, and food production: continuous testing that never stops, and operators who chain physical and digital to the crown jewels. All with numbers you can check.

12 daysto full global data access
Red team · Retail

$100B+ retailer — 12 days to global data access — and not a single alert.

A $100B+ global retailer asked if a cyberattack could destroy them. Four operators chained physical and digital to full global data access. Undetected, past $329M of spend.

Read the study →
252assessments delivered, on schedule
Program delivery · standardized testing · Media & entertainment

The Walt Disney Company — 252 assessments, on schedule.

Over five years, OSec ran a standardized security-testing program across Disney’s global portfolio — 252 assessments, every layer, every region, each delivered within the agreed window and never the reason a release slipped.

Read the study →
480Kendpoints tested continuously
Incenter · continuous · Media & telecom

Cox Enterprises — Hackers are fast. Be faster.

Cox Enterprises runs Incenter across a footprint serving 6.5M homes and businesses — 480K endpoints tested continuously, complex control bypasses and several zero-days surfaced, findings reported as discovered.

Read the study →
$2Mregulatory fine avoided
Incenter · continuous app testing · Financial services · wealth platform

FNZ — Incenter is a total game changer.

A missed attestation meant a $2M fine — and annual testing needed weeks FNZ, a wealth platform managing ~$1.4T, didn’t have. Incenter onboarded and tested a client in 24 hours; the attestation cleared, and the fine never landed.

Read the study →
$2.5Bin daily transactions secured
Red team + app security · Financial services · capital markets

Large brokerage — Security at light speed.

A brokerage processing $2.5B in daily transactions hardened its trading platform with red teaming, deep application testing, and human-factor testing. Six months on, it repelled several sophisticated attacks that would have succeeded before.

Read the study →
Guest WiFito total compromise
Pen test + physical · Financial services · banking

Major bank — Lobby WiFi to total compromise.

With nothing but the lobby guest WiFi, OSec found a path through an unisolated network to the corporate core — then, past unlocked workstations, drove a six-month transformation across technical, operational and cultural security.

Read the study →
26KICS vulnerabilities reported in 2023
Purple team · ICS / OT · Agriculture · food processing

Meat producer — Securing the line without stopping it.

A meat producer’s ICS spanned slaughtering, processing and packaging, and none of it could go down. A purple team closed segmentation and patch gaps and built an ICS-specific incident plan — live, alongside operations.

Read the study →
See how we’d test you