- Analyze Attack Surface
- Create Phased Attack Maps
- Attempt to Obtain Flags
Planning and Threat Modeling
We conduct a workshop with you to discuss logistics, TTPs, and rules of engagement for the Red Team. The workshop further defines the trophies and goals for the exercise.
We model threats against the organization, including perimeter services and human resources. Threat modeling enables us to prioritize pursuit of both practical (exploitable) and more theoretical (what-if scenario) threats to the network, including identification of key system components, communication protocols, data flows, and integration with in-house, cloud and third-party systems.
Red Team Technical Testing
We use combinations of Red Team techniques over an extended period of time, emphasizing stealthy operations, in attempts to capture the trophies:
- Targeted Penetration Testing and Web Application Testing
- Spear Phishing and Social Engineering Phone Calls
- Multifactor Authentication Bypass
- Persistent Remote Access
- Service Desk Password Reset
- Any other technical tactics required to acquire the flags
We follow the path of least resistance and only escalate attack methodologies when initial attempts fail.
Let us know if you would like us to provide red team testing services for you by completing the contact form.
Red vs. Purple vs. Pen

Red Team
Goals:
- Demonstrate the stealthiest path to compromise
- Obtain pre-set flags such as application admin access or intellectual property
Approach: Low and slow, with minimal knowledge of the test among stakeholders
Duration: 6-12 weeks
Output: Report describing the path to compromise, strengths, and gaps

Purple Team
Goals:
- Simulate many attack patterns to measure defense effectiveness and identify areas to shore up in defensive tools
- Align to the MITRE ATT&CK framework
Approach: Technical workshop conducted side-by-side with a wide range of participants
Duration: 1-3 weeks, conducted quarterly
Output: Defense success metrics report, MITRE ATT&CK heat map, improved detection configurations for SIEM and other tools

Penetration Test
Goals:
- Assess internal and external networks for common and custom security flaws that can lead to widespread access to sensitive systems and data
Approach: Time-boxed, using a mix of manual and automated techniques for efficiency; all stakeholders have knowledge of the test
Duration: 2-4 weeks
Output: Report describing observations, impact, and recommendations for all identified vulnerabilities