Red Teams
We simulate advanced adversaries seeking to compromise your network and obtain defined sensitive “trophies.” We test both the feasibility of achieving trophies and the detection and response processes that your defenders exercise against threat actors.
Overview
Recon (1-2 Weeks)
- OSINT
- Analyze Attack Surface
Plan (2-3 Days)
- Prioritize Plans
- Create Phased Attack Maps
Prep (2-3 Days)
- Approve Plans
- Setup Infrastructure
Attack (5-6 Weeks)
- Execute Plans
- Attempt to Obtain Flags
Report (1 Week)
- Report Results
- Discuss Mitigations
Planning and Threat Modeling
Preparation Workshops
We conduct a workshop with you to discuss logistics, TTPs, and rules of engagement for the Red Team. The workshop further defines the trophies and goals for the exercise.
Threat Modeling
We model threats against the organization, including perimeter services and human resources. Threat modeling enables us to prioritize pursuit of both practical (exploitable) and more theoretical (what-if scenario) threats to the network, including identification of key system components, communication protocols, data flows, and integration with in-house, cloud and third-party systems.

Red Team Technical Testing
We will use combinations of Red Team techniques, over an extended period of time and emphasizing stealth operations, in attempts to capture the trophies:
- Targeted Penetration Testing and Web Application Testing
- Spear Phishing and Social Engineering Phone Calls
- Multifactor Authentication Bypass
- Persistent Remote Access
- Service Desk Password Reset
- Any other technical tactics required to acquire the flags
We follow the path of least resistance and only escalate attack methodologies when initial attempts fail.
Red vs. Purple vs. Pen
Red Team
Objectives:
- Demonstrate the stealthiest path to compromise
- Obtain pre-set flags such as application admin access or intellectual property
Approach: Low and slow with minimal knowledge of the test among stakeholders
Duration: 6-12 weeks
Output: Report describing path to compromise, strengths, and gaps
Purple Team
Objectives:
- Simulate many attack patterns to measure defense effectiveness and identify areas to shore up in defensive tools
- Align to MITRE ATT&CK framework
Approach: Side-by-side technical workshop with a wide range of participants
Duration: 1-3 weeks, conducted quarterly
Output: Defense success metrics report, MITRE ATT&CK heat map, improved detection configurations for SIEM and other tools
Penetration Test
Objectives:
- Assess internal and external networks for common and custom security flaws that can lead to widespread access to sensitive systems and data
Approach: Time-boxed, using a mix of manual and automated techniques for efficiency; all stakeholders have knowledge of the test
Duration: 2-4 weeks
Output: Report describing observations, impact and recommendations for all identified vulnerabilities