red_teaming
one of the most advanced information security tests an organisation can undertake
Red teaming is a scenario led engagement which simulates real-world cyber threats or which is made to challenge your blue-team in the most complete, exhaustive and accurate manner.
Unlike penetration testing, red teaming is goal based and our consultants will utilise any route possible, within the set scope, to gain access to a privilege level or set of resources that could be highly impactful.
These engagements can be useful to any organisation wishing to test their robustness in the face of cyber-threats. However, they are more suited to larger scale organisations that have a global presence and considerable attack surface, those that have critical assets they are required to protect, that have been undertaking regular penetration testing or have advanced internal security teams.
the benefits of red teaming
simulate an advanced real-world attack
Persistent attackers will use a variety of techniques to achieve their goal. Our red team engagements simulate this threat and will look to exploit your organisation, within the set scope, to fully test your defences and provide a realistic description of the timescales that might be involved.
secure your most important assets
What are your organisation’s most important assets? It could be intellectual property, maybe it’s a customer database or even financial information. Whatever it is, it needs protecting and our red team engagements can provide you with the security assurances you need.
uncover wider vulnerabilities
Red teaming has a much broader scope than other security tests, helping you uncover wider organisational vulnerabilities which could be used in conjunction to compromise sensitive assets or data.
support your internal security teams
Red teaming can help determine how effective your internal security teams are at providing defence and at reporting issues. Following the engagement, we will work with you and your team to improve your posture and your internal response to an attack.
what we test
Our consultants will look to gather information from multiple sources, utilise various techniques and attempt numerous routes in order to achieve their goal. The routes we use are dependent on the scope set, but can include a combination of:
technology
Your digital estate is often bigger than you think. Every connected device, website, application & server provides a potential way in. Our consultants will look to understand your estate, probing and testing to exploit potential opportunities.
people
Staff can be your strongest line of defence, but they can also be your weakest link. Our consultants can use a variety of methods, such as social engineering and open source intelligence (OSINT), to obtain credentials and gain access to your network.
physical security
Our team are experienced in conducting physical red team operations and, if instructed, will look to manipulate their way into premises. Once inside they will attempt to gain access to sensitive areas, or confidential information unchallenged.
process
Once inside your network, our security consultants will look to expose any poor security processes and controls. This could include poor internal password management, ineffective privilege access levels and a potential lack of incident response.
our approach
Red team engagements are complex, and our approach will be unique to your organisation, security posture, digital estate and the goals set. Broadly speaking, each assessment will go through the following stages:
1.scoping
We will work with you to ensure goals are defined, communication requirements set, and everything is in place before we start the test.
2. testing
Our testing can go through the following stages: OSINT & reconnaissance, vulnerability discovery, exploitation including social engineering, post-exploitation & persistence.
3. ongoing communication
We will communicate with you throughout the engagement, to your set requirements, updating you on progress and discussing potential future actions.
4. reporting
A full test report will be delivered at the end of the assessment, providing an in-depth review of findings and a timeline of activity that took place.
5. post-test support
We provide access to our consultants after the report has been delivered, allowing you to address specific concerns and to provide remediation advice.
6. retest
We offer an optional period of retesting to allow you to verify issues have been mitigated successfully.
why choose us?
We’re more than just a test provider, we’re here to support you and your ongoing information security improvements. It’s this support that truly sets us apart and can be seen at every stage of our red team process, from our scoping, which aims to fully understand your individual requirements, right through to post-test access to consultants.
experience and expertise
Our team of security consultants are red team experts and have have years of experience working with some of the world’s biggest organisations on complex, lengthy engagements, requiring a wide range of skills.
supporting your internal security team
We provide you with access to our team of consultants before, during and after the test has been concluded. They will be on hand throughout the process to pass on their expert knowledge and advice, as well as support your internal security teams with remediation efforts.
dedicated support
Every organisation we work with is assigned a dedicated account manager who will be your point of contact throughout the test. They understand the nuances of red teaming and are here to ensure your test runs smoothly.
quality reporting tailored to you
Every test report undergoes a QA process and is peer reviewed. Our red team reports provide a timeline of test activity, even those that were unsuccessful. Giving you valuable information about your vulnerabilities, the impact of exploitation at an organisational level and our remediation advice.
