Red Team Assessment
Penetration Testing is often the core element of an organisations information security strategy. However, to fully understand whether your company is prepared to withstand a full-scale cyber attack, a Red Team engagement is the closest you will come to simulating an advanced persistent threat against your organisation. Our consultants are trained to rigorously test your organisation’s ability to detect and respond to the current threats posed to your industry.
Red Team assessments are complex assessments that span over multiple attack vectors, which aims to simulate a realistic scenario from an Advanced Persistence Threat (APT) group’s perspective. This will include covertly attacking a company’s external and internal network(s), applications, people and physical security controls.
Our experienced security consultants (that have worked in the intelligence and special operations community) will use the latest threat intelligence gathered on your organisation to deliver an engagement that mimics real-world situations that would be carried out by organised crime groups, state-sponsored actors, insider threats, corporate espionage spies and politically motivated groups.
Listen to one of our Red Team Assessment experts breakdown of this Pentest People Service
OUR APPROACH
Testing all Areas of Your Business
By simulating an advanced persistent threat, red team engagements fully test the ability of your organisation from its staff, technology and policies to identify and mitigate against such threats. The red team consultants will assess the whole attack surface of your organisation, and identify areas where sensitive information and critical assets are at risk of compromise.
Red team engagements are capable of detecting many of the vulnerabilities that are often overlooked and inherently restricted by scopes in traditional testing methods due to the comprehensive methods the consultants use.
Real Life Attack Scenarios
Cyber criminals and state sponsored actors will use any method to exploit any and all vulnerabilities they can to compromise your organisations security and reach their end goal. Our red team consultants will reply the same tools, procedures and tactics to ensure the advanced persistent threat simulation is as realistic as possible.
The red team engagement will use a blend of attack tactics to challenge the virtual and physical defences of your organisation deploying tactics such as social engineering campaigns, simulated malware and ransomware attacks and physical intrusions on company sites.
What is Advanced Persistent Threat (APT)?
APT stands for Advanced Persistent threat and is a real danger to todays businesses.
Advanced Persistent Threat (APT) groups are organisations that are classified worldwide as actors that lead attacks on a country or organisations information assets that are of financial, security and strategic economic importance. These are often the big players reported in the mainstream media such as Fancy Bear from Russia and Lazarus Group from North Korea and use tactics such as misinformation, social engineering and sophisticated hacking techniques over a sustained period of time.
Due to the advanced and continuous nature of these attacks, they are often aimed at high level organisations and state targets, however small to medium sized business are often in their sights if they make up the supply chain of these bigger targets.
Our Red Team Framework
Engagement
This first stage is an opportunity for the client and consultant to establish boundaries and rules of engagement for the assessment which will ensure minimal risk is out on the day to day running of your organisation. Our expert consultants will identify current risks associated with the clients business and build goals to simulate that risk.
Reconnaissance
Our consultants will use a number of tactics to covertly gain information on your organisation that is available within the public domain.
Information gathered at this stage will be used in phishing style attacks and for information on the physical target.
Delivery
Our consultants will use the information from the reconnaissance phase to now gain a foothold into the networks, or breach buidings.
Stand-off electronic attacks against wireless networks, electronic bypass methods and spear phishing can be used by our consultancies to breach locations.
Command and Control
Once a foothold has been established, our consultants will test the resilience of an organisation to establish its response to an advanced persistent threat and its capability of identifying any ingress and egress of sensitive or malicious data.
Lateral Movement
Simulating the movements of a real world ‘hacker’, consultants will use techniques often found during a penetration test to move laterally through the company to gain access to critical or company sensitive data.
Post Engagement
Post engagement is an opportunity for our consultants to debrief the client prior to report submission and offer expert tactical and strategic recommendations to help further develop your security strategy and enhance your future response to potential cyber attacks.
What Are The Risks?
IT Security and the associated terminology is a mainstream issue for all businesses due to the reliance business places on its IT systems combined with the prevalence of attacks.
IT Security issues have become commonplace in todays society with almost weekly coverage in the news regarding the latest data breaches with the larger attacks attracting substantial financial penalties.
Various forms of compliance exist that mandate regular Penetration Testing as a required standard and the risks of not doing anything are widely publicised.
How Can We Help?
Pentest People can help alleviate the risks associated with IT Security issues by performing regular Internal and External assessments of your corporate infrastructure to identify if any issues exist and to give you an ability to remediate these before an attacker could exploit them.
Pentest People are accredited to CREST and UK NCSC CHECK standards and can provide infrastructure testing against all types of IT infrastructure used within your organisation
The service would be delivered as part of the Pentest People Penetration Testing as a Service (PTaaS) and full access to the SecurePortal and other complementary tools would be provided.
Red Team Assessments allows access to SecurePortal
Digital Report
Until now, the traditional deliverable from a Penetration Test engagement has been a lengthy 100+ page PDF report.
Pentest People have developed a solution to this issue where you interact with your vulnerabilities within the SecurePortal.
Vulnerability Data
Constantly updating Vulnerability Information to stay in touch with the emerging threat landscape.
Receive overview and trend data of all of the current security issues you face in your organisation. All viewable on an interactive dashboard.
Skilled Consultants
Rest assured that your assessments are performed by qualified Security Consultants.
Our specialised team of security consultants hold industry qualifications such as CHECK Team Member & Team Leader, CCIE, CISSP and CEH.
Red Team Assessment Service Review Transcript
Panzers people’s team of social engineers combined phishing phishing under physical intrusion engagement to give you a perfect red teaming exercise. By modelling the ways that a APT’s and other Serious Organised Crime go after organisations, we can help you assess your defences.
These engagements will generally start out with an incredibly detailed scoping procedure, where one of the social engineers that we employ will come and walk you through exactly how these engagements are going to be laid out.
From there, we will generally start off with some open source intelligence gathering. This takes the form of anything that is on the public Internet is scrolled, scraped, and presented in a document. This part of the engagement then informs the later parts, namely fishing and fishing. Based on the information that has already been gathered, and indeed, based on information that is provided by yourselves. The consultant will attempt to perform several forms of social engineering. This can be fake emails, designed to elicit credentials from a user or fake phone calls to gain information about the layout of a business. And finally, the last piece of the puzzle is the physical intrusion.
The physical intrusion element of the engagement is the final piece of the puzzle. It builds upon the open source intelligence and more importantly, the social engineering that’s already been carried out. To attempt to gain access to any physical location that you think might be a key component in your business. Be that your head offices, a secure Operation Centre, or even highly valuable data centres. The consultant will again try and gain access via a number of methods either by booking a meeting room by tailgating in or by turning up as a health and safety inspector. For example, once the consultant has gained entrance, or attempts to gain entrance, and if they are successful, they will then perform a series of actions. These will be discussed with you beforehand. For example, the consultant may attempt to drop mock listening devices in sensitive areas of the business, they may in fact attempt to plug into your network and elevate permissions and exfiltrate data. Or finally, they may simply try and take photographs of sensitive documents and then leave Asli they may of course, simply try to elevate their behaviour until they are apprehended. It really depends on the engagement that you want.
That was red teaming by Liam.
Key Benefits
Understand the Internal and External security issues you face through a very thorough assessment from a qualified security consultant.
- Identify Security Vulnerabilities within your organisation allowing you to proactively remediate any issues that arise
- Improve your security posture, allowing you to reduce the threat of a cyber attack occurring against your business
- Comply with various regulatory bodies who mandate regular Penetration Testing be performed within your infrastructure
- Be able to prove to your supply chain that you are taking the necessary precautions to ensure your strong security posture
- Be able to focus efforts on important security issues by identifying the high-risk items identified in the Penetration Testing report