Thinking Outside The Box
A red team assessment can give your business a fresh and accurate look at your security posture. Most businesses do not employ inside teams dedicated to offensive security, and those that do often limit themselves because the team is already part of the company and subject to its culture.
What Is Red Teaming
There are many different interpretations of the term red team. In a general sense, a red team is an independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view. Specifically in security, a red team attempts to gain access or obtain information from an organization in order to discover holes in that organization’s security.
A Red Team...
Views the problem from a systems perspective.
Is not subject to the cultural biases of a decision maker, and as appropriate, adopts cultural perspectives of the adversary or competitor.
Employs a multidisciplinary range of skills, talents, and methods.
Understands how things work in the real world.
Avoids absolute and objective explanations of behaviors, preferences, and events.
Questions everything (to include both their clients and themselves).
Breaks the rules.
A Red Team Does Not...
Accept, without question, the clients description of the problem.
Embrace the biases inherent in their own values and culture.
Adopt the first or most easily discerned answer.
Defer to reputation and status.
Know it all.
The Purpose Of A Red Team Exercise
Red team exercises are carried out for a few main reasons. Take a look at the following examples:
– A company may have recently installed a completely new perimeter security system and would like it tested.
-Perhaps a business is on the verge of releasing their new web application, but wants an outside source to find anything they may have missed.
-Finally, a CSO wants to show the other C Levels how vulnerable their company really is, in order to get more funding. To accomplish this, he hires a red team to compromise other executives.
The preceding examples all have one thing in common. It all comes back to the definition of a red team. In all of these cases, the red team was hired to find vulnerabilities in systems. These vulnerabilities are usually know unknowns; the company knows vulnerabilities exist, but do not know what they are. Red teams may also find unknown unknowns; vulnerabilities that a business did not know they did not know about.
A red team is hired to act as the adversary, in order to find vulnerabilities in a system.
Hiring a red team allows you to discover not only vulnerabilities, but a red team will also force other issues to surface. When the red team acts as the enemy, there is no telling what will be found.
Check The Ego
Those who think they are too technologically savvy to fall victim are the ones that can cause the most problems to an organization. A red team exercise can be a humbling experience for some.
Strengths & Weaknesses
A red team exercise will allow you to obtain a clear picture of your strengths and weaknesses as an organization. Not only will you now know what needs to be improved, but you can obtain valuable advice on how and why to fix the problems exposed by the exercise.
Test Incident Response Capabilities
The best way to test your incident response is with a realistic situation, and what better a realistic situation than a simulated attack. A red team exercise can provide an organization with the closest thing to an attack, aside from a real attack.
Demonstrate Security Controls & Justify Spending
Many security leaders are under immense pressure to produce with inadequate resources. This is often misunderstood by other leadership. A red team exercise can help leadership and other employees understand the complex and tricky nature of security. This revelation can justify spending and prove your security controls.
What You Should Do
No matter how secure you think you are, there will always be vulnerabilities. A red team can help you find those vulnerabilities, and often times, they will find things you were unaware of. We can help you find your security holes. Let us act as the adversary and help you stay secure, before the real enemy compromises you.