What do we mean by "Red teaming"?
Red teaming is about gaining access to specific, previously defined assets under realistic conditions. The red team represents the attackers. Opposite it is the blue team, which represents the active defenders, i.e. the Security Operations Center (SOC), the Cyber Emergency Response Team (CERT), and other individual key positions. Both teams are coordinated by a purple team, which we usually provide. The purple team also “spurs” the blue and red teams on to their best performance by giving both teams tips at certain times.
The special features of ProSec® red teaming
It’s about building realistic scenarios
First, in a workshop or kick-off, we classify the assets that are to be extracted. The usual legal framework conditions are also clarified (implementation period, etc.). Then we define ethical no-gos, which are a must in the area of social engineering in particular. Or would you find it ethically acceptable to receive a phishing call in which we tell you that your child is currently undergoing surgery in hospital xy after a life-threatening accident? The purpose of such a call would be to make you, as a key person, leave the company immediately so that process weaknesses can be exploited if necessary.
After the initial appointment, we start with the red teaming. Afterward, optional workshops can be held so that every attack can be analyzed together with the blue team. The SIEM use cases can then be readjusted or even supplemented.
Further details are treated as internal operations in order to prevent improper use by third parties.
Red teaming extends over the longest possible period. This is the only way to carry out truly realistic attacks. As a rule, the implementation time is three months.