HEXA LABS by CROCUS

Scenarios

Security varies by Environment

Because system architectures and operations differ by industry, the same attack can lead to very different outcomes. We build scenario-driven security and response frameworks tailored to each environment, grounded in real-world incidents.

Public Institution

In 2023, the U.S. Department of Energy and multiple federal agencies were impacted by a global campaign exploiting vulnerabilities in MOVEit Transfer, resulting in data integrity damage across two DOE-affiliated organizations.

The key issue wasn’t only the agencies themselves. Attack surfaces extended to external file transfer tools and supply-chain-connected systems.

How HEXA LABS approaches it

  • Identify attack surfaces, including external file transfer solutions
  • Design and validate supply-chain intrusion scenarios
  • Coordinate CERT-backed response when incidents occur

HEXA LABS assesses attack surfaces across external file transfer tools and connected systems, then designs supply-chain intrusion scenarios alongside a CERT-ready response framework.

Financial Services

In 2019, Capital One experienced a major data exposure incident impacting approximately 106 million individuals, resulting in an estimated $150M in losses.

The attacker leveraged an SSRF vulnerability to access AWS access keys, obtained temporary credentials, enumerated S3 buckets, and copied sensitive data.

How HEXA LABS approaches it

  • Chained-vulnerability attack scenarios
  • High-end penetration testing, including data access and exfiltration paths
  • Validate exposure of WAF/proxy/metadata services

HEXA LABS validates cloud configuration, IAM permissions, and data-store access paths, going beyond vulnerability checks to confirm real-world exfiltration risk.

Energy

In 2025, U.S. energy authorities reported finding undocumented communication devices in certain Chinese-made solar inverters and batteries, raising concerns that they could bypass firewalls and be used for remote manipulation.

The core issue is that the infrastructure itself has become an attack surface, not just the generation equipment. Because clean-energy infrastructure combines distributed assets with remote-control architectures, a hidden communication capability or a single supply-chain weakness can quickly become an operational risk.

How HEXA LABS approaches it

  • Identify attack surfaces across renewable energy infrastructure
  • Coordinate CERT-backed response and recurrence prevention
  • Phased security validation designed for operational continuity

HEXA LABS validates inverters, batteries, and remote management paths together to uncover hidden attack surfaces in clean-energy infrastructure. We also run phased penetration testing designed for operational continuity, and work with CERT-aligned response to assess real-world threat feasibility and establish recurrence prevention—without unnecessary service disruption.

Manufacturing

In 2023, Clorox faced major business disruption after a cyber incident caused network outages and production line interruptions, leading to widespread product shortages.

The incident drove significant recovery costs and broader losses tied to supply chain disruption and halted operations.

How HEXA LABS approaches it

  • Step-by-step assessment focused on production system impact
  • Operational environment testing that minimizes downtime
  • Build incident response and recurrence prevention frameworks

HEXA LABS validates people, accounts, and operational processes together, testing attack scenarios without halting production and designing both response and recurrence prevention.

Prepare for the future of security today

With in-depth analysis and expertise, we help you understand security more deeply and strengthen it.
