Adversary simulation

As attackers’ Tactics, Techniques, and Procedures (TTPs) evolve at a rapid pace, becoming increasingly sophisticated in order to gain a foothold within a company, understanding how the adversary operates can be extremely challenging.

While most organisations have a good understanding of penetration testing and vulnerability assessment practices, and a regular assessment framework will help to address many of the risks your organisation might face, such a framework may not necessarily take all possible approaches into consideration.

Penetration Tests and Red Team Operations are helpful exercises against limited scope and known targets, but given enough resources and time, a skilled attacker will find a way into your infrastructure. While traditional testing often excludes some attacks and is limited to known tools, Adversary Simulation operates on a wider scope and comprises multiple engagement phases. It allows you to model an advanced persistent threat actor subverting established defensive controls and to identify gaps in your defensive strategy.

Advanced attacks to face tomorrow’s APTs

ADVANCED PERSISTENT THREATS

How will your security team react to a real-world offensive team that is active inside your infrastructure, attempting to exfiltrate data and intellectual property? Our strategy-driven and goal-oriented team will pose as a skilled and advanced threat actor, simulating real-world adversaries, establishing persistence inside your network, flying stealthily under the radar and conducting precision attack strikes.

Redaxer will perform an in-depth study of mission-critical systems, deployed security controls and high-value customer assets. We constantly develop, research, fine-tune and tailor our toolset: nation-state grade implants, payloads, C2 frameworks and bespoke malware. Through privilege escalation, lateral movement and exploitation, our operators will put your security teams, systems, appliances and security policies at the limit of their capabilities.

INCIDENT RESPONSE TEAM

Advanced Persistent Threats (APT) are relentless, so why should your security team be any different? Modern enterprises have to maintain a strong defensive security posture and be able to operate under the assumption of being already compromised. The purpose of the simulation is to evaluate and improve the effectiveness and responsiveness of different security teams within your organization, and to identify and bridge gaps and normally hidden vulnerabilities that may hinder rapid threat detection and response. At the end of an engagement, your incident response team will provide Redaxer with Indicators of Compromise (IoCs) believed to belong to the Redaxer Team. Our operators will review these IoCs and highlight any successful detections in the report timeline. We will then work closely with your security team, explaining the conducted attacks (MITRE’s ATT&CK) from initial access and execution, all the way through exfiltration, providing recommendations to improve prevention, detection, and response capabilities in order to achieve the best security posture for the entire organisation, keeping you one step ahead of modern adversaries.

ADVERSARY ATTACK SIMULATION CAN INCLUDE:

  • Exploit Development & Vulnerability Research
  • Phishing Campaign
  • Physical Intrusion
  • Social Engineering
  • Custom Evasion Techniques
  • Open Source Reconnaissance
  • Tailored Malware
  • Targeted Web Application Attacks
  • Wireless Attacks

ADVANCED PERSISTENT THREAT (APT) LIFECYCLE

  01. Define target
  02. Find and organize accomplices
  03. Build or acquire tools
  04. Research target
  05. Test for detection
  06. Deployment
  07. Initial intrusion
  08. Outbound connection initiated
  09. Expand access and obtain credentials
  10. Strengthen foothold
  11. Exfiltrate data
  12. Cover tracks and remain undetected

GO BEYOND RED TEAM OPERATIONS WITH OUR ADVERSARY SIMULATION