A “Red Team” test is a completely different approach to security testing. Where the goal of a traditional penetration test is to identify as many vulnerabilities as possible, the goal of a red team engagement is to demonstrate the impact of an attack. This is done by going after particular goals or flags as well as testing the detection and response by the blue team / Security Operations Centre (SOC).
We can simulate any real-world situation scenario that can be imagined, for example:
- A group intent on disrupting or delaying operations and production
- Corporate espionage to obtain sensitive information
- An insider threat deploying malware or ransomware
- A cyber criminal gaining credentials to access data
- A hacker exploiting vulnerable services to access systems and data
Enquire about Red Team Engagements
Get in touch to find out more or to arrange a scoping call.
Adversary Simulation / Red Teaming
This service typically includes multiple disciplines such as infrastructure, web-app, phishing/Social Engineering, etc. and will often be generally larger engagements, with a wider scope (i.e. all assets owned by an organisation).
Traditional red teaming is completely black-box in nature and performed externally. Often this is quite expensive, due to the time requirement for information gathering and achieving a remote/external compromise.
A grey-box approach; that we call an Assumed Compromise Red Team Engagement aims to shorten the overall engagement time by providing the consultant(s) with a standard user account on the network and often a standard workstation/laptop. The consultants then pursue the agreed goals from there. This reduces the time requirement drastically.
Phishing and Social Engineering
Employee’s of a company generally want to do a good job, be helpful and provide excellent customer service. Sometimes this work ethic can be at odds with cyber security policies, and simple human error can lead to greater security breaches.
Our Phishing and Social Engineering services target the users, rather than the systems themselves. It is often used as part of a red teaming engagement but can be offered as a service all on its own. Most common is email phishing, but the service can also include voice phishing (vishing), which involves calling people on the phone to try and glean some information from them. It can also include physical social engineering, which aims to gain physical access to an agreed goal within an office, datacentre or other location.
This service allows an organisation to test the effectiveness of their cyber security training, HR policies, or on-site security and to identify unconventional vulnerabilities.
Spear Phishing and Whaling
Spear Phishing a whaling a more bespoke targeted forms of phishing. The objective of spear phishing is to use more advanced tactics to convince a user to act. This often involves additional research about the user, or their company to make the scam seem more convincing. The goal is usually to obtain information from the user, have them open a file, or perform an action.
Whaling is very similar to spear phishing, but targeting high level employees. This often involves the actor pretending to be another high level employee. Whaling can have a much more significant impact on a business when high level employees are exploited.
Our bespoke social engineering service works alongside an organisations IT department with a two fold objective.
- Assess the level of cyber awareness in an organisation
- Provide immediate remedial training for any users who are caught out
We want to be be clear that this is a NON-JUDGEMENTAL service. Anyone can be caught out by scams like these; even those in the highest echelons of the Cyber Security industry. Our intention is to support users; to help them understand how to validate the authenticity of any request. This should help to prevent future scams from being successful.
Alternatively, see more about our phishing_secure programme here.