Red team operations

“Red Team” is a term that originates from military jargon. It describes red team members as the opposing force (OPFOR) and blue team members as the defending force. The key theme is that the aggressor is composed of various threat actors, equipment and techniques that are at least partially unknown to the defenders.

Applied to cyber security, Redaxer employs a group of veteran security professionals with years of experience and in-depth expertise who provide an adversary's point of view to the organization we are helping.

Red Team operations are engagements where the Blue Team is not alerted to the ongoing test. Performing the operation without the knowledge of the Blue Team is what characterizes a Red Team operation and distinguishes it from a normal penetration test. The operation can be performed in two different ways: black box, where the attacking team does not have any prior knowledge of the target’s infrastructure, and gray box, where the attack starts from an “assumed breach” scenario, in which the red team is already inside the perimeter. Red Team members behave exactly as an attacker would, and they are not assigned a specific and restricted scope.

Penetration testing's next level

TAILORED TO YOUR BUSINESS NEEDS

After planning the operation with you and defining the goals, our first activity will consist of trying to compromise your perimeter defences. This means we will try anything an attacker would try; our operators will not limit themselves to computer systems. We will phish your employees, adopt social engineering techniques and perform physical intrusion with the ultimate goal of breaching your external defenses and gaining a foothold inside your organization. After a successful breach, our Red Team members will report every vulnerability and problem, and we will then proceed to teach you how to successfully patch them. We will work side by side with your Blue Team (the defenders) to make sure they fully understand our Tactics, Techniques and Procedures (TTPs) and how to successfully counter them. The goal of a Red Team operation, in fact, is not to get caught; it’s to train and equip the Blue Team with the right tools and mindset to make sure that if a threat actor ever attacks your organization, they will catch it.

PENETRATION TEST VS RED TEAM OPERATIONS

Redaxer offers both Penetration Testing and Red Team Operation services. Neither test replaces the other, and there are some fundamental differences between them. While a Penetration Test (PT) is traditionally performed with the defending team knowing that their systems/applications are being tested, a Red Team Operation (RT) goes deeper. A Red Team Operation is similar to a Penetration Test, but it does not stop at the network and application layers. Physical intrusions, phishing campaigns and the human factor (social engineering) are also exploited in order to gain access to the customer’s organization. The Blue Team (the customer’s security defense department) will also be evaluated. Red Teams explore how deep an attacker can go when taking advantage of these flaws and vulnerabilities. It will reveal how newly discovered threats or emerging vulnerabilities may potentially be exploited by attackers and how well prepared your security team is. Still not sure? Review our services comparison matrix or talk to an expert. Do not worry, we will work with you to fully understand your organisation’s needs, goals and desired outcomes.

RED TEAM OPERATIONS CAN INCLUDE:

  • Open Source Intelligence (OSINT)
  • Phishing Campaign
  • Physical Intrusion
  • Social Engineering