Red Teaming

Red teaming describes a complete, multi-level simulation of an attack against an enterprise. The entire red team has the main goal of training and measuring your blue team's ability to detect, protect and react when facing a real attack. In comparison with a traditional penetration test, red team assessments often take place over several weeks or even months to allow for a more stealthy and selective approach by the attackers, or the so-called red team.

 

Penetration Test vs Red Teaming

Whereas penetration tests and security assessments often focus on a very specific aspect of your company's infrastructure, its assets and related vulnerabilities, a red team attempts to measure the effectiveness of the whole enterprise (people, technology, processes and physical elements) to defend its IT infrastructure. A red team assessment can answer the question if your implemented cyber security measures, crisis concept, detection mechanisms, processes and monitoring work well together and are able to detect and react to state-of-the-art attacks.

 

Black-Box Approach

To simulate such an attack, the red team is given no information about the target and has to work its way from the outside all the way into the heart of your company's infrastructure. This involves techniques like information gathering via open source intelligence (OSINT), social engineering attacks like phishing and employment of sophisticated, tailored software to gain access and maintain control over the target infrastructure.

 

Mission Possible

In order to challenge the blue team and your company's defenses, the red team exercise is based on missions which are defined in collaboration with the customer. These missions are specifically tailored to your company and usually involve key business-critical assets and systems. This may include access to core systems or sensitive data, modification of the company's public-facing assets or the exfiltration of data.

 

Lessons learned help to raise defenses

As a conclusion of the red team assessment – and simultaneously the most important aspect of it – debriefing workshops are held between the red team and the blue team (your cyber defense team). These workshops serve the purpose of identifying and assessing the capabilities of the blue team, providing it with detailed information about the performed attacks (such as indicators of compromise (IoC) according to the MITRE ATT&CK™ tree), identifying potential blind spots and ultimately improving the overall security posture and resilience of your company.

 

 

We are glad to give you further information: Your contact person

CALENDAR

Connecta 2019 - Digitalization takes center stage

Digitalization and its effects on society and business are the focus of this year's Connecta. Read more

Compass-Training "Secure Mobile Apps" in Zurich

In the 2-day course (in German) from November 5/6, 2019, you will learn about the most important security problems of mobile apps. Read more

BlackAlps 2019

The event features cyber security experts from Switzerland and abroad. Besides tech talks there are also workshops such as the hands-on security lab... Read more

ALL DATES

NEWS

Gesundheitswesen: Ein leichtes Ziel für Hacker

«Heime & Spitäler» ist das Fachmedium für Entscheidungsträger von Schweizer Heimen und Spitäler. In der aktuellen Ausgabe beschreibt Compass Security... Read more

Vulnerablitity in VeloCloud™

Silas Bärtsch identified a vulnerability in VeloCloud™ (VMware), that allows a VeloCloud standard admin user to access user information of other... Read more

Danke für Ihren Besuch auf der it-sa

Die it-sa 2019 liegt bereits hinter uns. Wir blicken zurück auf drei intensive Tage in Nürnberg, mit vielen tollen Gesprächen und interessanten... Read more

ARCHIVES

Compass Security Blog

There is such thing as a free lunch

Usually you need to pay for lunches with cash or using your credit card. But in some places employees can pay for a lunch using their access badge. And this is the payment method that will be covered... mehr

A Smart Card Odyssey

Black box analysis of a not so smart card in ID-1 form factor that is in use for the billing of washing machines and tumble driers. mehr

ZUM BLOG