RED.TEAM ENGAGEMENT

A red team engagement is a true test of both your technical controls and employee security awareness

This is not for the faint hearted. During a red team you can expect us to try and gain access to your enterprise using just about any method imaginable, therefore addressing a more determined threat model. We think like the bad guys.

Red teaming is a multi-layered, simulated real-life attack. It is not designed to find as many vulnerabilities as possible and exploit them (as a penetration test would), but instead to identify and exploit the best route to compromise with the highest likelihood and least chance of detection. We will parse public data to extract information that could be used to target employees using sophisticated attack methods. We will profile your organisations’ digital footprint and identify the most effective method of infiltration.  Our aim is to establish a foothold in the target environment which is where the true test begins.

Our Approach

Our red team engagements allow your organisation to understand the steps an attacker would carry out as well as identify the strengths and weaknesses in your policies and technical security controls. This is an intensive and immersive assessment comprising of several stages:

  • Reconnaissance
  • Defining the target
  • Deployment and gaining an initial foothold
  • Further exploitation
  • Further reconnaissance and defining objectives
  • Strengthening our foothold
  • Exfiltrating data
  • Covering our tracks

For further information on the engagement specifics, please contact one of the in.security technical team.

 

Why choose a red team assessment?

  • A red team engagement will be of most benefit to an organisation who places calculated and targeted attacks at the forefront of their threat model
  • Consider a red team engagement if you are interested in knowing whether your most valuable assets or intellectual property can be accessed rather than finding all the potential ways in
  • An ideal way to get a true representation of your organisation’s security posture
  • A real-world experience