Case study breakdowns
Real scenarios,
examined closely
Each case here is drawn from actual workshop exercises — specific attack vectors, decision points, and what participants did differently after working through them hands-on.
Workshop breakdowns
Five scenarios worth studying
These aren't hypotheticals. Each breakdown reflects a structured exercise run at Taychproa, with the tools, friction points, and participant decisions included.
When a convincing email bypasses technical filters
A crafted spear-phishing message targeting a fictional HR department cleared every automated check. Participants received it in a sandboxed inbox and had 20 minutes to decide: act, flag, or delete.
Fourteen of nineteen participants clicked at least one embedded link before catching the indicators. The debrief focused on header inspection and sender verification without relying on gut feeling alone.
Leaked passwords in a public repository
A developer accidentally committed an .env file to a public GitHub repo. Participants traced the exposure window, assessed scope, and drafted a response checklist under a 30-minute constraint.
Lateral movement inside a segmented lab network
Participants were given read-only access to network logs from a simulated breach. An attacker had moved from a compromised workstation to a file server over 72 hours without triggering any alerts.
The task was to reconstruct the movement path using only log timestamps, port activity, and user session data — no pre-labeled indicators.
Prioritising a 60-item CVE list under pressure
Given a real-world vulnerability scan output from a fictional mid-size company, participants had to rank remediation priority using CVSS scores, asset criticality, and exploit availability — without external help.
A phone call that almost worked
One participant played a support agent; another played an attacker posing as a new employee locked out of their account. The script was loose — only the goal was fixed: get the agent to reset credentials verbally.
"The phishing simulation workshop was exactly what our IT team needed. Working through a real attack scenario step by step made the theory stick in a way that reading never did."
"I came in thinking I understood network segmentation. The lateral movement case showed me exactly where my mental model had gaps. The debrief alone was worth the session."
"The social engineering role-play was uncomfortable in the best way. You don't realise how easy it is to give up information until someone is actually doing it to you live."