Penetration Testing

5 Big Wins From Red Team Training

Written by
Jeremiah Talamantes

We’ve gotten great feedback on the many free security resources we offer readers, like our Social Engineering E-book and this blog, but many of reached out to tell us: you wanted more. We received dozens of emails and inquires all expressing interest in the same thing: a live training session with our team.

While there’s plenty to be said about the benefits of online learning and reading about security, we agree that nothing quite compares to being there in person, getting your hands dirty with cutting edge security techniques.

In 2017 we held our very first Red Team Training session, a live, multi-day, immersive training program unlike anything being offered anywhere else. The feedback was resounding: the students loved it.

If you’re thinking about attending one of our upcoming training sessions, this post is meant to tell you more. First, we’ll cover what’s involved in a red team operation and then explain the benefits associated with RedTeam’s live training sessions.

What Are Red Team Operations?

Red Team operations aim to understand the realistic level of risk and vulnerabilities against an organization’s technology, people and physical assets.

The objective is to reveal real-world opportunities for malicious insiders or bad actors to compromise all aspects of an organization, from unauthorized virtual and/or physical access to sensitive information leading up to data breaches and full system/network compromise.

Highly trained security consultants at RedTeam test using a multi-blended attack simulation to identify physical, hardware, software and human vulnerabilities and to help address any identified security weaknesses.

Our team is experts in this type of testing. We did name our company after it, after all. But we’re more than willing to share our knowledge to help other security professionals better protect their organizations. That’s the reason behind our five-day training sessions, held right here at our St. Paul, Minnesota headquarters.

Reasons to Attend Red Team Training

#1 Hands-on Learning

Virtual learning has its advantages — convenience likely being the first one that would come to mind. Nevertheless, being physically in the room for instruction remains the best way to learn, communicate, and concretize your understanding of the material.

This is especially true when it comes to red team training. You get to sit in a room with other students and actually pick a lock — not just watch a video of one of our instructors doing so, trying to figure it out for yourself. Or, research a target company’s vulnerabilities in direct competition with the individuals seated across from you at the table (better enabling the motivational trash-talking, which simply doesn’t translate as effectively in email exchanges).

#2 Real-life Interactions

The goal of our five-day training program is to immerse students in a real red team operation. Our instructors work to offer realistic training to give students the precision, accuracy, and efficiency needed to tackle a full red teaming cycle from the planning phase to the reporting phase.

Not only do participants benefit from actual experiences, but in our training, there are no actors — the scenarios we run are real. Instead of relying only on videos or online readings, our students are tasked with a live, target company and given actual employee information and access to participants’ social networks and physical offices. Using a capture-the-flag-style approach, students work to compromise human and physical targets, putting the skills from ted team training to practical use.

Pullout: Want to know more about how RedTeam training works? Check out this video featuring RedTeam president and managing partner Jeremiah Talamantes.

#3 Unique Perspective

Since our first RedTeam training session on April 2017, we’ve given participants access to learning that sheds a whole new light on cybersecurity. As one of our training course students remarked, “this is not the typical training in the industry today.”

What makes it so atypical? RedTeam’s full-force training addresses not only cyber and social engineering attacks and threats, but also physical attacks and threats. With physical intrusion skills on the agenda alongside penetration testing and social engineering, our training has already prepared representatives from government and the private sector from Washington DC, Chicago, Kansas, Minnesota and beyond to face the ever-evolving challenges of protecting systems, networks, applications and more.

#4 Comprehensive Approach

Our comprehensive training offers a multi-blended, adversarial-based attack simulation against people, software, hardware and facilities performed simultaneously. Students are tasked with trying out their newly acquired social engineering skills and tactics in-person, by phone, and over email. Covert entry skills and other physical security attacks (ie: lock picking, evasion, diversions, physical pretexting) are simulated against cooperating surrounding offices and/or buildings.

You’ll be exposed to industry-standard frameworks based on the NATO CCDCOE, OWASP, PTES, and US Army Red Teaming Handbook v7, as a foundation for carrying out Red Team Operations.

#5 Controlled Consequences

No red team operation goes entirely as planned, but our approach provides students with priceless experience without the consequences of a failed operation.

Students are given a safe environment and expert support through the several stages of a Red Team operation including:

  • Reconnaissance — collecting information about the target from public tools.
  • Weaponization — using open-source intelligence gathering and thorough analysis to prepare for the operation and also craft and configure malicious files, hardware trojans, falsified personas and more
  • Delivery — carrying out actions on target to reach goals including cloning badges or face-to-face social engineering
  • Exploitation — seeking to break in, exploit staff or physical weaknesses, and prepare for escalation and installation stages
  • Action — capturing evidence of the ability to realize the objective of compromising systems or breaching physical security.

Ready To Join Us?

Click here and scroll down to see our latest red team dates and sign up to meet with us.

Not Quite Ready To Attend A Training Yet?

Although RedTeam doesn’t yet offer onsite training at other locations, we do get asked about it a lot.

You can also check out the many resources on our site, such as our helpful blog articles and Jeremiah’s book, The Social Engineer’s Playbook.

About The Instructors

Jeremiah Talamantes, CISSP, CEH, CCISO, CCENT, CHFI has been in IT Security for over 20 years. Creator of the PlugBot research project, he is an adjunct grad school professor at Norwich University. Under Jeremiah’s direction, RedTeam has been conducting innovative Red Team Operations since its inception in 2008.

Matt Grandy, OSCP is a Security Consultant at RedTeam Security with many years experience Red Teaming companies of all sizes and industries. Matt’s skills range from advanced penetration testing and offensive coding to lock picking. Recently Matt developed and taught Information Security Warfare at Minnesota State University.

Steve Kaun is a Security Consultant with RedTeam Security. Steve has a knack for finding vulnerabilities in everything from complex applications to highly-secure electrical substations. His professional exploits in hacking, bypassing, and infiltrating has earned him a name in the industry.

Featured On

National TV news and media outlets often consult with us for our expertise as a boutique, high-touch ethical hacking firm highly trained in a narrow field of cybersecurity. Please click on any logo below to view the featured story.

Learn how our security experts can reduce your organization’s security risk!

Test the effectiveness of your own security controls before malicious parties do it for you. Our security experts are here to help — schedule a call today.