Red Team Testing:
Simulating Us Against You
While still collaborative, red team testing involves our experts doing whatever they can to break into your systems (within the mutually agreed upon confines of our exercise).
Red teams are far less cooperative than blue teams. Here we act as the “breakers” and, based on the mutually agreed upon terms of our engagement, we set out to do whatever it takes to gain unauthorized access to your systems. We can define specific objectives for our “attackers” to try and exploit, or we can set off and do our best to find a way in.
In a red team assessment, we conduct open-source collection activities about your company and use that knowledge in an attempt to gain unauthorized access to your systems. Our experts can also incorporate social engineering testing to our red team work to thoroughly assess the security awareness of your personnel. We use a disciplined series of progressively targeted social strikes to identify areas of consistent security weakness across your personnel base. This can include targeting select employees with tailored telephone and/or email messages using spoofed email addresses, assumed identities, fake social media accounts, baiting/quid pro quo techniques, phishing email, telephone, SMS, and other electronic delivery methods.