Red Teaming

Red teaming describes a complete, multi-level simulation of an attack against an enterprise. The entire red team has the main goal of training and measuring your blue team's ability to detect, protect and react when facing a real attack. In comparison with a traditional penetration test, red team assessments often take place over several weeks or even months to allow for a more stealthy and selective approach by the attackers, or the so-called red team.

 

Penetration Test vs Red Teaming

Whereas penetration tests and security assessments often focus on a very specific aspect of your company's infrastructure, its assets and related vulnerabilities, a red team attempts to measure the effectiveness of the whole enterprise (people, technology, processes and physical elements) in defending its IT infrastructure. A red team assessment can answer the question of whether your implemented cyber security measures, crisis concept, detection mechanisms, processes and monitoring work well together and are able to detect and react to state-of-the-art attacks.

 

Black-Box Approach

To simulate such an attack, the red team is given no information about the target and has to work its way from the outside all the way into the heart of your company's infrastructure. This involves techniques like information gathering via open source intelligence (OSINT), social engineering attacks like phishing, and the use of sophisticated, tailored software to gain access and maintain control over the target infrastructure.

 

Mission Possible

In order to challenge the blue team and your company's defenses, the red team exercise is based on missions which are defined in collaboration with the customer. These missions are specifically tailored to your company and usually involve key business-critical assets and systems. This may include access to core systems or sensitive data, modification of the company's public-facing assets or the exfiltration of data.

 

Lessons learned help to raise defenses

As a conclusion of the red team assessment – and simultaneously the most important aspect of it – debriefing workshops are held between the red team and the blue team (your cyber defense team). These workshops serve the purpose of identifying and assessing the capabilities of the blue team, providing it with detailed information about the performed attacks (such as indicators of compromise (IoC) according to the MITRE ATT&CK™ tree), identifying potential blind spots and ultimately improving the overall security posture and resilience of your company.

 

 
