What is a red team assessment?
Prepare your security team with a controlled and realistic cyber attack simulation. By employing a range of penetration testing and social engineering techniques, IT Governance can help you detect and respond to the latest types of cyber attack.
Red team assessments help your organisation remain competitive while securing its business interests by:
- Simulating real attacks from a threat actor’s perspective – understanding how an attacker sees your organisation and attack surface;
- Focusing on your critical assets – establishing clear targets based on their importance and value to your business; and
- Testing your detection and response capability – a red team assessment will test your organisation’s broader processes and security controls.
Did you know?
Cyber security threats are constantly evolving, so a network that is secure one day may be vulnerable the next. According to Dark Reading, nearly 8 billion information records were exposed in 2017.
Breach incidents aren’t cheap. Ponemon Institute’s 2017 Cost of Data Breach Study identified that breaches cost an average of $141 per stolen record. A red team assessment can help you stay one step ahead of evolving cyber risks by stress testing your security posture.
The benefits of a red team assessment
Unlike a penetration test, the goal of a red team assessment is not just to test your systems, but to also test your people and processes. How will your security operations centre react to an advanced threat? Will they notice a temporary worker extracting data from the network? When presented with an infected USB drive, will your employees be willing to insert it into their computer?
Our red team assessments will help you:
- Get a better understanding of how cyber attackers gain access to your environment, network and sensitive data;
- Validate your organisation’s security posture and its important assets; and
- Contextualise business process improvements by delivering more intelligence on the risks, their impact and remediation options.
Is a red team assessment right for you?
- You want to test your organisation’s detection and response capabilities.
- You need to determine whether an adversary could achieve a specific goal.
- You want to judge how well your incident response team performs.
- You want to test multiple elements of your organisation’s overall security posture.
Our engagement process
Our CREST-accredited penetration testers will develop a tailored engagement based on your organisation’s requirements and goals. Attack scenarios can be crafted to emulate specific types of threat actor. We can use traditional and non-traditional techniques to test your resilience to intrusion, fraud, data extraction, internal threats, corporate espionage and physical attacks.
- Scoping: We determine your objectives for the exercise and the rules of engagement, including any operational rules.
- Reconnaissance: The red team uses a variety of intelligence-gathering techniques to gather information from public sources related to your organisation, which is used to determine appropriate attack scenarios for the exercise.
- Assessment: We implement an attack plan to penetrate your network. Our red team attempts to gain access to the systems that hold the target information defined by you. Exfiltration of data is attempted over a secure channel to evaluate your security controls to detect and prevent loss of information.
- Clean up: The red team records the attack and which systems and tools are used or accounts created to achieve access. The red team restores any systems to their initial states.
- Reporting and debrief: We provide a report of findings, which gives a detailed view of the critical, high-, medium- and low-priority risks, along with appropriate recommendations.
Our penetration tests comply with the Microsoft Rules of Engagement
For Azure clients, this means we take care to limit all penetration tests to your assets, thereby avoiding unintended consequences to your customers or your infrastructure.
“IT Governance combines the delivery of real insights with a cost-effective service.”
Ian Kilpatrick, Group Information Security Officer at Collinson Group.