Our certified specialists can work with you to find the best solution to deliver the business outcomes you need, no matter the challenge.
We take the time to understand your unique business needs and challenges. Our certified specialists can work with you to find the best solution that suits you.
The term ‘Red Team’ was borrowed from military and intelligence operations; the Red Team would try to challenge the plan for offensive/defensive operations and identify gaps that could result in failure. The objective of a Red Team operation in the cyber security world is much the same; challenge the organisation’s security operation to identify gaps in the defences and demonstrate how the organisation would fare against real adversaries. This is extremely valuable should it ever come under cyber-attack by terrorists, state-sponsored attackers, organised crime gangs, corporate spies or any other type of adversary.
A Red Team operation aims to manoeuvre against the organisation as a real threat actor would, targeting your operational environment in three dimensions:
A Red Team operation involves hackers - ‘the Red Team’ – executing an attack plan tailored specifically for your operational environment, while the ‘Blue Team’ attempts to detect and respond to the attack.
The objective for the Red Team is typically to compromise your ‘Crown Jewels’, which would be sensitive data, such as customer information; or a critical system, such as an industrial control system (ICS) on your segregated OT network.
In order to achieve the objectives, the Red Team will study your operational environment and apply the art and science of adversary tactics when designing and planning the operation. The team will then meticulously execute the operation, and work through the stages of the attack chain to gain initial access, and then manoeuvre towards the objectives. All the while, the Red Team will observe the environment to gain situational awareness, and carefully select attack techniques or adapt their procedures to select the most suitable approach for your environment and to blend in with the normal activity.
In accomplishing their mission, the Red Team will meet your organisation’s broader goals to:
In one word – insight. The Red Team will challenge assumptions and misconceptions about risks in your environment or your capabilities, which will allow you to allocate your efforts and resources to where they will make the most significant impact.
Some of the most common insights our clients gain are:
Additionally, Penetration Tests often result in a false sense of security, for example when security solutions detect malicious activity even though the penetration testers did not attempt to evade detection; or a false sense of insecurity, when critical vulnerabilities are identified even though exploiting them when all the mitigating controls are in place is not likely. A good Red Team can rectify those wrong impressions by negotiating the security solutions in the environment with finesse and sophistication, and fully exploiting vulnerabilities in the context of an attack chain.
To meet the goals of a Red Team operation, you’ll need to engage an adversary that you can trust at the deepest level. That’s because you’re going to give them carte blanche to use every tactic available to them to break down the barriers and gain access to your most critical assets.
We recognise that Penetration Testing and Red Teaming require different sets of skills and expertise. Our Red Team operators are well-versed in the art and science of adversary tactics, are specially trained to run Red Team operations, and conduct cutting-edge security research and development used by red teams throughout the industry, both in Australia and globally.
If you’re interested in Red Teaming and how it can help prepare your organisation in the event of an attack, call us today. We’d love to chat about your needs and advise you on your options.
If you liked this article, you may also like:
When it comes to cyber security threats, the obvio...