How attacks work in a corporate environment
Attacks in corporate environments usually follow the same pattern.
To get access to a corporate environment, the adversary usually sends a phishing email or finds a vulnerability on an external-facing server. The latter is not that easy if the company follows best practices in securing its environment (for example, by putting its web servers in a demilitarized zone (DMZ), using Web Application Firewalls (WAFs), and following secure coding best practices).
In case you are unfamiliar with what a WAF is, it is a type of firewall that is specifically designed to protect web applications. It monitors and filters traffic between a web application and the internet, detecting and blocking attacks such as SQL injection and cross-site scripting (XSS). By using a WAF, companies can significantly reduce the risk of attackers exploiting vulnerabilities in their web applications.
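The filtering step described above, sketched as an added example (not code from the original text): a minimal request inspector that decodes each query parameter before matching it against two illustrative signatures. The rule patterns, function names and sample requests are constructed for illustration and are far simpler than a production WAF rule set.

```python
import html
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Illustrative signatures only (assumption): real rule sets are much larger.
RULES = {
    "sqli": re.compile(r"\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+|'\s*--", re.I),
    "xss": re.compile(r"<\s*script\b|<[^>]*\bon\w+\s*=|javascript:", re.I),
}

def normalise(value, max_rounds=3):
    """Undo URL and HTML-entity encoding until the value stops changing."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def inspect(request_line):
    """Return (verdict, rule) for a line such as 'GET /p?x=1 HTTP/1.1'."""
    _method, target, _version = request_line.split(" ", 2)
    # parse_qsl already URL-decodes once; normalise() catches nested encoding.
    for _name, raw in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        value = normalise(raw)
        for rule, pattern in RULES.items():
            if pattern.search(value):
                return ("block", rule)
    return ("allow", None)

# Constructed sample requests, not taken from real traffic.
SAMPLES = [
    "GET /products?id=42 HTTP/1.1",
    "GET /products?id=42%20OR%201%3D1 HTTP/1.1",
    "GET /search?q=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(inspect(line), line)
```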