Adversary Emulation

Red Team

The purpose of this assessment is to measure your defense, detection, and response capabilities by simulating a highly-skilled and determined adversary who may attack within the technical, social, or physical domains.

For organizations that have attained a higher level of InfoSec program maturity, Red Team Security Assessments can be a powerful enabler of even further gains in defensive capabilities. This is a real-world test of your security controls' ability to prevent a highly-skilled adversary from compromising your data. Red Team Testing differ from traditional Penetration Assessments in that they provide increased timelines and often multiple concurrent assessors. This additional time and work capacity allow for more advanced tactics, techniques, and procedures (TTPs) such as evasion, social engineering/physical attacks, and the ability to achieve very explicitly defined goals.

Red Teaming Answers Important Questions

• Can an external attacker compromise my network while completely evading my detection?
• Is my organization capable of stopping a determined attacker after detection?
• What's the worst that could happen if some of my employees click something they shouldn't?
• Is my team capable of detecting a threat before exploitation, post-exploitation, or never?
• Can an attacker acquire control of my CFO’s email and Active Directory credentials all from the internet?
• Could an external attacker compromise my most sensitive databases, even without relying on social engineering or physical access?
• Are my employee's credentials already out there in existing breaches?
• How would I respond to an adversary not so time-limited as during a pentest, willing to attack wherever it takes to meet goals? 
• Am I ready to withstand attacks from technical, physical, social engineering, or a mixture of many domains?

Purple Team Workshop

Analysts watch dashboards full of false positives and waste time tracking down benign threats. With purple team exercises, you'll pinpoint which alerts are indications of a real compromise and filter out the noise. Understanding how advanced threat actors are moving throughout networks allows defenders to monitor and alert on suspicious behaviors before any damage is done.  

Phishing / Spear Phishing

Our phishing simulations can be tailored to fit the needs of your organization. Our testers will create a custom phishing scenario for your organization, considering information about your environment that may increase trust. We can test simple user response such as clicks, page views, and credential submissions as well as custom payloads meant to simulate a real-world attack on your internal networks. 

Physical Security

Our physical security adversary emulation services will evaluate your physical access controls as well as employee adherence to security policies. Testers will utilize deception in an attempt to gain entry to your environment as well as common techniques such as door bypass and lock picking, tailgating and access card cloning.