It is goal-oriented approach, operating with zero prior knowledge in a low and slow manner, aiming to remain undetected by the security monitoring and adjacent controls in place, while demonstrating the impact of a successful targeted cyber-attack from a dedicated seasoned team. It provides remediation actions on vulnerabilities and general security issues identified/exploited during the attack simulation.
WHY RED TEAMING
The exercise is designed to measure the effectiveness of the people, processes, and technology that are involved in organization’s defenses against cyber attacks. In contrast to traditional penetration testing, Red Teaming uses Tactics, Techniques, and Procedures (TTPs) to measure how well an organization’s security operations deal with a cyber threat.
Bespoke attack scenarios within the context of the Red Teaming exercise will evaluate the ability of an external actor to achieve specific milestones, while aiming to remain undetected. Indicative scenarios and milestones:
- Gain control of any workstation in the client’s infrastructure and remain undetected (persistence)
- Demonstrate the ability to cause reputational damage to the client by acquiring HR related data (data exfiltration)
- Gain access to the client’s key systems supporting core business processes (e.g. Active Directory, Exchanges servers)
- Gain control of a privileged access accounts (lateral movement/privilege escalation)
ASSESS YOUR SECURITY POSTURE
The objectives of the Red Teaming exercise are to assess (a) client’s incident detection and response capabilities and (b) the effectiveness of the infrastructure defense mechanisms against real-world cyber-attacks. Evasion of the security mechanisms in place – including EDR solutions – and stealth operations regarding SOC monitoring are considered of utmost importance.
GAIN VALUABLE INSIGHTS
The Red Teaming exercise provides valuable insight on the defensive teams in order to improve organizational readiness against cyber threats while uncovering hard-to-see operational oversights that the organization is not aware of.
The Red Teaming exercise is conducted within a predefined time window by a dedicated experts team using tactical tradecraft and advanced exploitation methods. A dedicated, full-blown C2 (command & control) infrastructure per engagement is used in every step, incorporating the latest evasion techniques in custom implementations.
OBRELA LABS SERVICES
Obrela Labs Penetration Tests are carefully tailored to simulate scenarios that assume different attacker’s standpoints and levels of knowledge regarding the target.Learn More
The Red Teaming exercise is a long-term adversarial simulation of sophisticated real-world cyber threats. Its objective is to assess the level of readiness of the client’s organization in dealing with attacks by targeted evasive threats, across all stages (Initial Infection, Foothold establishment, Lateral Movement & Privilege Escalation, Data Exfiltration)Learn More
The Vulnerability Assessment consists of a vulnerability scan against the systems in scope, aiming to identify known software flaws and misconfigurations.Learn More
SUBSCRIBE TO OUR NEWSLETTER
Subscribe and get up to date with all the latest industry trends and insights from the Cyber security domain.