Red Team Testing
At Packet Security we believe Red team testing the is best approach for testing the holistic security of an organisation. Red team testing is a multi-phase simulation or a real world attack that a group of sophisticated malicious threat actors would utilize.
With red team testing, the objective does not stop at an individual system or application, however these test are but a series of test to exploit vulnerabilities both technical and non technical in a APT scenario.
While most organisations have considered attack vectors that would be possible to exploit, most have not had a real world simulation to test their response these and other exploits that may be unknown to the organisation. Unlike traditional attacks which can be mitigated with the use of Corporate AntiVirus and Firewalls tools, APT (Advanced Persistent Threats) attacks general cannot be thwarted with these same methods.
What does a Red Team exercise entail?
A phased approach that challenges all the aspects of the business’ operating environment, through all physical and system layers of the business operation
From design, testing through education and up to full-scope penetration testing engagements the Red Team Testing uses proprietary tools to perform simulated attacks and exfiltration methods.
A focus on the often neglected aspects of a traditional security assessment such as intelligence gathering, profiling, process analysis, 3rd party suppliers, employee awareness and social engineering, as well as the technical ability to infiltrate into your information assets, the ability to perform a clean exfiltration and/or modify your data
What are the benefits?
Performing Quality Assurance testing of implemented security controls in real life scenarios.
A more defined perspective on current attack scenarios and potential business consequences
Red team exercises build confidence within an organisation, from shareholders down to the security & business continuity teams, that preparation, planning and investment are appropriate to task
Better risk understanding and management from board level where greater involvement will create better prioritization, and use of budgets & resources
What will the Deliverable's contain?
A report outlining results of the exercise which will cover technical details and process and policy issues with a series of industry best-practice recommendations
Review of results and feedback in a workshop setting, to build awareness and alignment among stakeholders, and a build an action plan roadmap of measures to improve security & resilience in the future
Short-term fixes for immediate remediation of any outstanding vulnerabilities
Long-term initiatives that will outline an action plan to remediate the identified vulnerabilities