Companies are increasingly aware of the threats posed by cyber-attacks, which are evolving rapidly in sophistication, stealth, and complexity. For this reason, small, medium and large organizations are deploying defensive layers, mechanisms and solutions to prevent cyber threats from occurring: firewalls, IDS, IPS, and other systems compose the line of defense against malicious operations. To these technical devices, we can add the human layer - the so-called “blue team” - that configures, maintains and operates this infrastructure. There is one problem though: this defense relies on different interactions and processes that, in some cases, are extremely complex, and it is mainly tested only when a harmful and stressful incident occurs.
How can you be sure your defenses work properly? And how can you know if your internal security team and security operations center (SOC) are really prepared to detect and respond to a targeted attack?
Our red team assessment is the practice of attacking a problem from an adversarial point of view, and it follows a different approach from a typical security assessment. It relies heavily on well-defined tactics, techniques, and procedures (TTPs), which are of utmost importance to successfully emulate a realistic threat or adversary.
Our services rely on highly skilled security professionals, senior penetration testers, and ethical hackers with different backgrounds, various skills and extensive experience in both defense and offense, combining unique mindsets for the same goal: YOUR SECURITY.
The rationale for red teaming is to be defined during this phase. Before engaging in any activity, there is a need to assess the customer’s current needs and the scope of the actions that will be undertaken. This is the phase during which limitations such as the duration, the legal boundaries and prohibited actions have to be determined. These can be compiled in the form of a “rules of engagement” document.
Each phase is broken down into sub-phases representing the attack execution workflow as shown below:
All findings will be documented in a final report, and then compared with a strengths/weaknesses profile against international standards for IT & Cyber Security. The identified weaknesses will be assessed and supplemented with recommendations and remediation actions, as well as prioritized according to the associated risk.
The final report will be discussed with you during a presentation. The report will include a comprehensive and meaningful C-level summary of the executed red teaming exercise. Additionally, it will include all detailed results with respective evidence and recommendations for future security measures.
Although red teaming is offensively focused, it is ultimately used as a tool to improve security. A workshop with representatives of all necessary parties is organized to discuss the red teaming engagement and findings.
The main objective of the workshop is to go through all actions performed by the red team. For actions undetected by the blue team, the goal is to understand why detection mechanisms and procedures failed, in order to draw lessons learned and define improvement actions.
wizlynx's security consultants and penetration testers hold the most recognised certifications in the cyber security and penetration testing industry, such as SANS/GIAC GPEN, GWAPT, GCIH, GMOB, OSCP, CEH, CISSP, CISA and more!