The purpose of this assessment is to measure your defense, detection, and response capabilities by simulating a highly-skilled and determined adversary who may attack within the technical, social, or physical domains.
For organizations that have attained a higher level of InfoSec program maturity, Red Team Security Assessments can be a powerful enabler of even further gains in defensive capabilities. This is a real-world test of your security controls' ability to prevent a highly-skilled adversary from compromising your data. Red Team Testing differs from traditional Penetration Assessments in that it provides increased timelines and often multiple concurrent assessors. This additional time and work capacity allow for more advanced tactics, techniques, and procedures (TTPs) such as evasion, social engineering/physical attacks, and the ability to achieve very explicitly defined goals.
Red Teaming Answers Important Questions
- Can an external attacker compromise my network while completely evading my detection?
- Is my organization capable of stopping a determined attacker after detection?
- What's the worst that could happen if some of my employees click something they shouldn't?
- Is my team capable of detecting a threat before exploitation, after exploitation, or never?
- Can an attacker acquire control of my CFO’s email and Active Directory credentials all from the internet?
- Could an external attacker compromise my most sensitive databases, even without relying on social engineering or physical access?
- Are my employees' credentials already out there in existing breaches?
- How would I respond to an adversary who is not as time-limited as a pentest and is willing to attack wherever it takes to meet their goals?
- Am I ready to withstand attacks in the technical, physical, or social engineering domains, or a mixture of many domains?
Purple Team Workshop
Analysts watch dashboards full of false positives and waste time tracking down benign threats. With purple team exercises, you'll pinpoint which alerts are indications of a real compromise and filter out the noise. Understanding how advanced threat actors are moving throughout networks allows defenders to monitor and alert on suspicious behaviors before any damage is done.
Our offensive security experts are specially equipped to simulate real-world attacks that APT groups use in the wild. Using the ATT&CK Framework from MITRE as a baseline, supplemented with our offensive techniques, we step through every phase of an attack from network enumeration to privilege escalation to full domain compromise. We'll help verify your existing controls are working by executing attacks in your environment in a controlled setting. We'll pull the curtain back on how attackers exploit a target.