Red Team Attacks or threat-led penetration tests (TLPT), are targeted and complex assessments that aim to simulate the behaviour of an external adversary against your organization and compromise critical assets. It differs significantly from a formal penetration test as it usually has a longer duration, the attack activities are not communicated and attack persistence is in scope.
Usually for mature technical and security teams, in organizations who treat security as a top priority, Red Team Attacks help you discover vulnerabilities in the following locations:
As in a formal penetration test, during this phase a "Rules of Engagement" agreement is defined, including:
Black-box, passive OSINT (Open Source Intelligence) techniques are used in combination with neutral observation actions in order to collect as much information as possible regarding the targets to be tested. The more the information, the most attack vectors can be crafted. The intelligence gathered can be of the following types:
A plethora of automated tools and manual scanning methods is utilized in order to discover possible entry points and attack vectors. The results will be used as a springboard for implementing exploitation attempts:
Based on the findings of the previous steps, proper attack vectors are designed and executed in order to exploit the detected vulnerabilities/flaws and penetrate into the application. The types of attacks can be:
Reports are a crucial step in a penetration testing engagement as the cornerstone deliverable which provide meaningful insights regarding the security posture of your organization, along with remediation recommendation for each detected risk. Our reports are built upon the following elements:
Are your defenses mature & your personnel security-ready?
Find Out!