Web2 Sandbox · Apex Mechanical Contractors

Same engine. Same threat model. Different surface.

8 threat actors. 51 attack scenarios. 8 versioned runs. 96.1% of attacks blocked against a simulated $80M mid-market construction firm.

  • 96.1% · Catch rate (run-008)
  • 49/51 · Attacks blocked
  • 8 · Threat actors
  • 8 · Versioned runs

The Target

Apex Mechanical Contractors

Specialty contracting · HVAC, plumbing, fire protection

Company Profile

  • Founded: 1990
  • Employees: 250
  • Revenue: $80M annual
  • Region: Southern California
  • Customers: Hospitals, data centers, schools, mid-rise commercial

Tech Stack

  • Microsoft 365 (email, SharePoint, Teams)
  • Procore (project management)
  • QuickBooks Enterprise (accounting + AP)
  • Regional bank web portal (wire transfers)
  • BambooHR
  • AutoCAD + Bluebeam
  • On-prem file server (legacy)

Security Posture

  • IT staff: 1 internal IT + outsourced MSP
  • CISO: No
  • SOC: No
  • Annual budget: < $200K
  • MFA on email: Yes
  • MFA on VPN: No
  • DMARC policy: p=none
  • Network segmentation: Flat

Exposed Attack Surfaces

  • Microsoft 365 tenant + Outlook Web Access
  • Procore vendor portal (50+ subcontractor logins)
  • QuickBooks Online + bank web portal
  • VPN (Pulse Secure, no MFA)
  • Public website + RFP submission portal
  • Field worker BYOD phones (no MDM)
  • Building HVAC controls on corporate network
  • Receptionist station (physical access)

The Adversaries

8 Threat Actors. Distinct TTPs.

Each modeled after a real-world precedent. Each runs against Apex Mechanical in every sandbox run.

VENDOR-01

The Vendor Impersonator

Low

Spoofed vendor bank-detail change requests

TTPs

Lookalike domain registration · invoice template forgery · timing around real invoice cycles

Real-World Precedent

Construction industry BEC fraud · $1.2B annual losses (FBI 2023)

8 scenarios deployed · 100% caught

EXEC-01

The CEO Spoof

Low

Lookalike-domain wire transfer demands targeting AP staff

TTPs

Display-name spoofing · urgency framing · out-of-office timing · sub-threshold amounts

Real-World Precedent

Ubiquiti $46.7M loss (2015) · countless SMB wire fraud cases

6 scenarios deployed · 100% caught

SOCIAL-01

The Helpdesk Manipulator

Medium

Phone-based social engineering of IT support to reset MFA

TTPs

LinkedIn target identification · pretext crafting · helpdesk verification bypass

Real-World Precedent

MGM Resorts ($100M+, September 2023) · Caesars Entertainment ($15M ransom)

5 scenarios deployed · 95% caught

APT-01

The Slow Burn

Critical

Multi-week LinkedIn relationship-building before payload delivery

TTPs

Conference attendance · genuine business engagement · trust-building over months

Real-World Precedent

DPRK against Drift Protocol (6-month operation, April 2026)

4 scenarios deployed · 88% caught

INSIDER-01

The Insider Drift

High

Disgruntled employee using slowly-escalating valid credentials

TTPs

Gradual access expansion · normal-hours activity · plausible deniability

Real-World Precedent

Tesla insider sabotage (2018) · countless construction insider cases

5 scenarios deployed · 92% caught

SUPPLY-01

The Supply Chain Pivot

Critical

Compromise smaller subcontractor → use their access to attack target

TTPs

Identify weakest vendor · phish them first · pivot through trusted relationship

Real-World Precedent

Target / Fazio Mechanical ($200M+, 2013) · MOVEit / Cl0p (2023)

8 scenarios deployed · 94% caught

AUTH-01

The MFA Fatigue Bomber

Medium

2 AM MFA push notification spam until employee approves to make it stop

TTPs

Credential reuse from breach dumps · automated push spam · timing exploit

Real-World Precedent

Uber / Lapsus$ (September 2022)

7 scenarios deployed · 100% caught

COLD-01

The Cold Outsider

Critical

Zero relationship · zero insider knowledge · OSINT-only attack

TTPs

Public records mining · domain aging · pretext crafting from open-source intel

Real-World Precedent

The majority of ransomware affiliate operations

8 scenarios deployed · 88% caught

Featured Attack Chain · COLD-01

“What if we don’t have an in?”

Zero relationship. Zero insider knowledge. Public OSINT only.
Watch a determined attacker compromise Apex Mechanical from cold start to wire fraud in 19 days — and watch Scoprix block them.

Total cost: $10 (one domain) · Total work: ~8 hours · Damage if successful: $47,300 wire fraud

  1. Day 1 · Reconnaissance · $0 · 4 hours

    Public OSINT collection

    Google search for "Apex Mechanical Contractors" → website, LinkedIn page, news mentions. LinkedIn enumeration of 250 employees → org chart, key roles (CFO, AP Manager, IT lead). Glassdoor reviews leak internal tools (Procore, QuickBooks) and culture. Public building permits reveal current job sites. Industry databases reveal recent contract wins. Domain WHOIS reveals MX records and email infrastructure.

  2. Day 2 · Reconnaissance · $0 · 1 hour

    Breach data lookup

    HaveIBeenPwned check on 50+ employee emails harvested from LinkedIn → 32 employees have credentials in past breaches (Adobe, LinkedIn, Dropbox, MyFitnessPal). Cross-reference with public password dumps. 8 employees still use those exact passwords (verified later).

  3. Day 3 · Pretext Crafting · $0 · 2 hours

    Identify the wedge

    Public bid records reveal Apex is currently working as the mechanical sub on a hospital expansion for "Bayside General Contractors." Project #2026-04-117. Find Bayside’s real project manager on LinkedIn. Find Apex’s project manager on LinkedIn. Now have a real, verifiable pretext that bypasses skepticism.

  4. Day 4 · Infrastructure · $10 · 30 minutes

    Domain registration + aging

    Buy domain "bayside-projects-portal.com" via Namecheap. Set up basic Cloudflare DNS, SPF, DKIM, DMARC (configured properly to pass deliverability). Park a generic landing page. Begin 14-day domain aging period.

  5. Day 18 · Initial Access · $0 · sent at 9:47 AM Pacific (peak inbox hour)

    Spear phish to Apex project manager

    Send email from "[real Bayside PM name]@bayside-projects-portal.com" to Apex’s project manager. Subject: "Change order CO-014 — Hospital project #2026-04-117 — review requested." Email body references real project details from public bid filings. Includes link to "Bayside Projects Portal" — actually a fake M365 login page.

    Scoprix Behavioral Signal

    Email contains a domain registered 14 days ago — already flagged by domain-age behavioral signal even before user clicks

  6. Day 18 · Credential Theft · $0 · 8 minutes after click

    Project manager clicks → enters M365 credentials

    PM clicks the link, sees a page that looks identical to their real M365 login. Enters username + password. Reverse-proxy fake login captures both credentials AND the resulting session token after MFA approval.

    Scoprix Behavioral Signal

    M365 login from a residential IP in unfamiliar geography — flagged immediately by identity behavioral baseline

  7. Day 18 · Internal Reconnaissance · $0 · 30 minutes

    Enumerate internal address book and email rules

    Attacker logs into compromised PM’s M365 from their own infrastructure. Downloads global address book (250 employees with roles). Sets up auto-forward rule on PM’s inbox to attacker’s control email. Searches PM’s inbox for "wire," "invoice," "bank," "ACH" → finds AP clerk’s email + recent vendor payment patterns.

    Scoprix Behavioral Signal

    Auto-forward rule creation by an account with no history of email rule changes — flagged by behavioral pattern detection. Multi-source correlation (new IP + new behavior) escalates to critical.

  8. Day 19 · Lateral Movement · Total: $10 + 8 hours of work

    Wire fraud attempt

    Forge a "new payment instructions" email from a real Apex vendor ("Pacific Steel Supply") to AP clerk. Email originates from compromised PM’s M365 account (passes DMARC, internal sender). References real outstanding invoice. Requests wire to attacker-controlled bank account in Hong Kong. Amount: $47,300 (sub-$50K threshold, no dual approval required).

    Scoprix Behavioral Signal

    Wire transfer to a recipient with no historical relationship + originating from a compromised internal account + crossing geographical anomaly threshold + matching known attacker behavioral pattern → BLOCKED at policy layer + behavioral layer + dual-AI consensus.

Final Verdict

Wire transfer BLOCKED at three layers.

Even with valid credentials, a perfect pretext, and zero attribution — Scoprix catches the Cold Outsider at the last step. Layer 1 (policy), Layer 2 (behavioral), and Layer 3 (multi-AI consensus) all fire independently. The attack chain costs the attacker $10 and 8 hours. The defender wins.
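The four behavioral signals in the chain above (a sender domain only days old, a login from unfamiliar geography, a first-ever external auto-forward rule, and a wire to a recipient with no payment history) together with the policy-plus-behavioral verdict can be written down as plain detection logic. The following is an added example written for this page, not Scoprix's engine: it replays the COLD-01 chain as a constructed event stream and scores each event against constructed per-user baselines and a constructed vendor master file. Every account name, threshold, baseline and domain in it is an assumption (the sender domain uses the reserved .invalid TLD), and the multi-AI consensus layer is not modelled.

```python
# Added example, not Scoprix's engine: replay the COLD-01 chain as constructed
# events and score them with a policy layer and a behavioral layer.
from __future__ import annotations
from collections import defaultdict
from dataclasses import dataclass

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}
NEW_DOMAIN_DAYS = 30  # sender domains younger than this count as unaged (assumption)

# Constructed per-user baselines for the simulated tenant.
BASELINE = {
    "pm.lee":   {"login_geos": {"us-ca"}, "rule_changes": 0},
    "ap.clerk": {"login_geos": {"us-ca"}, "rule_changes": 2},
}
# Constructed vendor master file: bank accounts with a verified payment history.
KNOWN_VENDOR_ACCOUNTS = {"pacific-steel-supply": "US-ACCT-0001"}


@dataclass
class Alert:
    user: str      # account whose behaviour deviated
    source: str    # email | identity | mailbox | finance
    severity: str
    reason: str


def policy_check(ev: dict) -> str | None:
    """Layer 1 (policy): block a wire whose bank details differ from the vendor
    master file unless an out-of-band callback has been recorded."""
    if ev["type"] != "wire_request":
        return None
    if (ev["recipient_account"] != KNOWN_VENDOR_ACCOUNTS.get(ev["vendor"])
            and not ev.get("callback_verified", False)):
        return "bank details differ from vendor master file and no callback verified"
    return None


def score_event(ev: dict) -> Alert | None:
    """Layer 2 (behavioral): one per-source rule per event type."""
    kind = ev["type"]
    if kind == "email_received" and ev["sender_domain_age_days"] < NEW_DOMAIN_DAYS:
        return Alert(ev["user"], "email", "medium",
                     f"sender domain registered {ev['sender_domain_age_days']} days ago")
    if kind == "login" and ev["geo"] not in BASELINE[ev["user"]]["login_geos"]:
        return Alert(ev["user"], "identity", "medium",
                     f"login from unfamiliar geography {ev['geo']} ({ev['ip_kind']} IP)")
    if (kind == "inbox_rule_created" and ev["action"] == "forward_external"
            and BASELINE[ev["user"]]["rule_changes"] == 0):
        return Alert(ev["user"], "mailbox", "high",
                     "external auto-forward rule from an account with no rule-change history")
    if kind == "wire_request" and ev["recipient_account"] != KNOWN_VENDOR_ACCOUNTS.get(ev["vendor"]):
        # Attributed to the internal account that sent the instructions, not the clerk,
        # so it correlates with the earlier signals on the compromised account.
        return Alert(ev["requested_by"], "finance", "high",
                     f"wire for {ev['vendor']} to an account with no payment history")
    return None


class Detector:
    """Keeps per-user alerts and escalates when independent sources agree."""

    def __init__(self, window_days: int = 3):
        self.window_days = window_days
        self.history: dict[str, list[tuple[int, Alert]]] = defaultdict(list)

    def ingest(self, ev: dict) -> dict:
        policy = policy_check(ev)
        alert = score_event(ev)
        severity, sources = None, []
        if alert:
            self.history[alert.user].append((ev["day"], alert))
            recent = [a for d, a in self.history[alert.user] if ev["day"] - d <= self.window_days]
            sources = sorted({a.source for a in recent})
            severity = alert.severity
            # Cross-source correlation: two independent sources plus at least one
            # high-severity signal on the same account escalates to critical.
            if len(sources) >= 2 and max(SEVERITY[a.severity] for a in recent) >= SEVERITY["high"]:
                severity = "critical"
        action = "block" if (policy or severity == "critical") else ("alert" if alert else "allow")
        return {"day": ev["day"], "type": ev["type"], "action": action, "policy": policy,
                "severity": severity, "sources": sources, "reason": alert.reason if alert else None}


# Constructed replay of the COLD-01 chain; the sender domain uses the reserved .invalid TLD.
COLD01_EVENTS = [
    {"day": 18, "type": "email_received", "user": "pm.lee",
     "sender_domain": "bayside-projects-portal.invalid", "sender_domain_age_days": 14},
    {"day": 18, "type": "login", "user": "pm.lee", "geo": "eu-east", "ip_kind": "residential"},
    {"day": 18, "type": "inbox_rule_created", "user": "pm.lee", "action": "forward_external"},
    {"day": 19, "type": "wire_request", "requested_by": "pm.lee", "handled_by": "ap.clerk",
     "vendor": "pacific-steel-supply", "recipient_account": "HK-ACCT-9999", "amount": 47300},
]


def replay(events: list[dict] = COLD01_EVENTS) -> list[dict]:
    det = Detector()
    return [det.ingest(ev) for ev in events]


if __name__ == "__main__":
    print(*replay(), sep="\n")
```

Running the file prints one verdict per event. The email and login steps each produce a medium alert on their own; the escalation to critical fires at the auto-forward step because a high-severity mailbox signal joins the earlier email and identity signals on the same account, and the wire is stopped independently by the policy rule (unverified bank-detail change) and by the correlated behavioral verdict. The same code also shows the pre-frozen-baseline gap documented further down the page: a first wire to an account that already matches the master file passes both checks.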

Attack Catalog

51 Scenarios. 5 Categories.

Same total as our web3 sandbox. Symmetric coverage of the full attack surface.

Email-Based Attacks · 15 scenarios
  • Fake invoice from existing vendor (lookalike domain)
  • Bank detail change request via spoofed letterhead
  • CEO urgent wire request (display-name spoof)
  • Vendor "we moved offices" letterhead update
  • Tax form W-9 swap for vendor identity theft
  • OAuth consent phishing (M365 third-party app)
  • Reply-chain hijack (insert into existing thread)
  • Lookalike Unicode domain BEC
  • DocuSign phishing (real DocuSign, malicious doc)
  • QR code phishing for vendor onboarding
  • Calendar invite phishing
  • M365 credential harvesting via fake login
  • Conditional access bypass via residential proxy
  • Pretexting via real past project number
  • Vendor "new payment portal" redirect

Vendor & Supply Chain · 10 scenarios
  • Compromised real subcontractor account
  • Fake new subcontractor onboarding
  • Vendor portal credential stuffing
  • Stolen vendor laptop with cached credentials
  • Insurance certificate forgery for password reset
  • Lien release fraud
  • Pay app inflation
  • Change order injection
  • Fake "preferred vendor" application
  • Vendor portal SQL injection

Network & Infrastructure · 10 scenarios
  • Lateral movement from Procore login to file server
  • HVAC building system pivot (Target replay)
  • Open RDP discovery + brute force
  • VPN credential reuse from breach dump
  • Wi-Fi WPA2 cracking on job site
  • Rogue access point at corporate office
  • IoT camera default credential exploit
  • Printer firmware backdoor
  • SMB v1 lateral movement
  • Domain controller Kerberoasting

Identity & Access · 8 scenarios
  • MFA fatigue bombing
  • SIM swap on executive
  • Helpdesk social engineering for password reset
  • Stale account exploitation (former employee)
  • Service account credential theft
  • Token theft from compromised endpoint
  • AS-REP roasting
  • Pass-the-hash from compromised laptop

Financial Process · 8 scenarios
  • Change order forgery at end of project
  • Pay app inflation across multiple draws
  • Lien waiver forgery
  • W-9 swap for tax fraud
  • Wire fraud single-approval bypass
  • ACH push fraud
  • Vendor master file change without verification
  • Insurance certificate forgery for credential reset

Versioned Runs

60.8% → 96.1%

8 versioned runs showing how the behavioral engine improved with each iteration.
Same compounding flywheel as our web3 sandbox. Same final number — by design.

run-001 · 2026-04-15 · 60.8% · 31 / 51 caught
Baseline run — policy layer only, no behavioral baseline yet
Established baseline

run-002 · 2026-04-18 · 70.6% · 36 / 51 caught
Added email behavioral monitoring (send patterns, recipient diversity, login geographies)
+5 caught · email layer wired

run-003 · 2026-04-22 · 78.4% · 40 / 51 caught
Added AP workflow patterns — invoice approval cadence, vendor diversity, amount distributions
+4 caught · AP behavioral layer

run-004 · 2026-04-26 · 84.3% · 43 / 51 caught
Added identity behavioral baseline — login geographies, MFA patterns, session anomalies
+3 caught · identity layer

run-005 · 2026-04-30 · 90.2% · 46 / 51 caught
Added wire transfer behavioral patterns — recipient diversity, amount distributions, timing
+3 caught · financial layer

run-006 · 2026-05-04 · 92.2% · 47 / 51 caught
Added cross-source correlation — email + AP + identity + network as single behavioral graph
+1 caught · correlation layer

run-007 · 2026-05-08 · 94.1% · 48 / 51 caught
Tuned dual-AI consensus prompts for web2 context (Claude + GPT-4 evaluating actions in business workflow language)
+1 caught · AI layer tuning

run-008 · 2026-05-12 · 96.1% · 49 / 51 caught
Final run — closed the helpdesk-reset gap with phone-based behavioral signaling. 2 known gaps remain.
+1 caught · matches web3 result

The Gaps

Where Mid-Market Companies Lose

These 10 gaps show up in basically every $20M – $200M company we’ve looked at. Each maps to one or more sandbox scenarios.

01 · No DMARC enforcement
Domain spoofable by anyone — DMARC policy is set to p=none, not p=reject

02 · MFA inconsistent
Enabled on email, missing on VPN, vendor portal, and one-off SaaS tools

03 · Flat network
AP systems, project management, and building controls all share the same VLAN

04 · AP single-approval
Wire transfers under $25K go through one person with no out-of-band verification

05 · No vendor verification process
Bank detail changes accepted via email — no callback, no policy enforcement

06 · Stale accounts
Ex-employees still in Active Directory 90+ days after termination

07 · Shared vendor portal credentials
Subcontractors share logins across crews — no individual accountability

08 · BYOD with no MDM
Field workers use personal phones for company email with no separation or remote wipe

09 · No SIEM, no logging
Even if attackers walk in, no one notices for weeks

10 · MSP has god-mode access
And the MSP has its own security debt — supply chain risk concentrated in one vendor

Honest About What We Can’t Do

The 2 Attacks We Don’t Catch

96.1% means 2 attacks slip through. We document them rather than hide them — credibility matters more than marketing.

Pre-frozen baseline supply chain attack

A long-trusted vendor is compromised. Their FIRST malicious action looks identical to their normal pattern at first glance — same sender, same recipient, same approximate amount range, same project context. Behavioral baseline takes a few transactions to detect the deviation.

Mitigation

Cross-vendor correlation + dual-AI consensus catches it within 2-3 actions, but the first action gets through. Hard problem.

Insider with valid credentials and normal behavior over a short window

An employee with legitimate access intentionally does something malicious within their normal scope. Single-action insider threat is genuinely hard — the action itself looks legitimate by every metric. We catch escalating insider patterns, but a single high-stakes action by a trusted employee is the hardest defense problem in security.

Mitigation

Out-of-band verification policies (callback on bank changes, dual approval on wires) close the gap procedurally — but require a customer to enforce them.

Run this against your real company.

The sandbox is the proof. The real engagement is the product.
We bring this same methodology — every scenario, every threat actor, every behavioral signal — to your actual environment.