A targeted test of your organization across multiple possible areas, to determine the extent of how an advanced, well-planned attack would disrupt your operations.
A red team may include tests across technologies, people, processes and physical locations. The difference between a red team and a penetration test is usually a combination of scope and duration.
A red team can go beyond a penetration test to identify potentially damaging ‘cracks’ that could be exploited. Advanced attacks are likely to be a blend of cyber, physical and social engineering attacks. Determining the potential damage for these should they succeed, can identify the remediation required, as well as provide further measurement on the effectiveness of your security investments.
We will work with you to determine the scope and targets for the test. Testing usually covers a combination of:
- Cyber – Your organizations IT/digital assets
- Physical – The locations where you conduct your business
- Social – Your organization’s people
A pre-assessment can help to ensure clients get what they need and sometimes leads to a re-focus of testing based on the findings.
At the conclusion of the test our team will provide both an executive summary and a detailed technical report. All vulnerabilities which have been identified and exploited will be included, with full remediation details. Systemic issues will be called out and recommendations made. Where existing controls can be used to remediate a problem, this will be provided also.