RedTeam's Red Teaming Services enable organizations with mature security postures to do next level testing of their protections, procedures and responses. In a standard penetration test, the testers are “allowed in” and are not actively being stopped when noticed. In an Advanced Penetration Test, your team will have standard protections in place and may stop the attack in process, causing the team to reassess and pivot, to achieve an agreed upon goal. Our team will leverage multi-faceted attacks using more advanced real-world scenarios.
Attacks performed, tactics used, and results collected during these simulations are compiled into actionable reports that identify risk to your organization’s most valuable assets.
Our reports provide you with highly valuable information about your security posture and the security awareness levels of your employees, physical protections, blue teams and technology deterrents. This vital information is a crucial component toward measuring your overall security posture and helps pinpoint where security gaps need to be filled and where budgetary dollars should be directed.
Our engagements offer flexible options to match your security objectives.
Our Red Team Engagements involve establishing a goal that could be technical or physical and the rules of engagement to attain that goal. Then RedTeam Security consultants will develop a plan for achieving that goal. This could involve them being physically onsite at the target location. They could either overtly interact with staff to persuade them into performing certain actions or covertly attempt to blend in and gain access into certain areas or information. Both overt and covert tactical approaches can easily be blended into a single engagement for a more comprehensive evaluation. A Red Team engagement could also include gaining network control, compromising cameras and security systems, or extracting data. Goals during a Red Team engagement can be technology based or physically based and can include physically breaching buildings. A Red Team Engagement could test your security awareness training, corporate policies, physical security systems, response procedures and your technology protections and alerts.
A remote, or Advanced Adversary Simulation, involves setting a goal that is related to your technology (i.e. being able to extract HR information) and establishing the rules of engagement to obtain it. These types of engagements do not involve physical breaches, however, they may involve email phishing, phone vishing, dropping or mailing USB drives or breaching the network. The Advanced Adversary Simulation may also include testing email filters, security awareness training, network protections, alerting and your blue team responses.
Regardless of the type of Advanced Penetration Test you choose, RedTeam will work closely with you to create your rules of engagement to solidify details such as:
Additionally, at the end of the engagement, RedTeam Security can conduct a highly valuable technical out-brief. This technical exchange of information provides the opportunity for a step-by-step review of each tactic, procedure and result. This additional discussion provides immediate nearly hands on training while the events of the engagement remain current to all involved. With such a detailed walkthrough and the benefit of a question-and-answer venue, your team will hear firsthand how the red team was able to accomplish the goal.