Red Team Assessments – The Fundamentals 1.1

Dave Benson

Infrastructure Tester

Dave is an Infrastructure tester here at Pentest People. Highly engaged in Social Engineering and Red team Assessments. Coming from an intelligence and special operations community, this consultant has great first-hand knowledge of the techniques used in these services.

Red Team Assessments – The Fundamentals 1.1

We’re in an age where information is king, misinformation is rife and mass data breaches are commonplace in the mainstream media. Ensuring the security of your organisation’s data, infrastructure and people is paramount and choosing the right service to secure those things is just as important.

At Pentest People, we are now delighted to offer our new Red Team Assessment service to our customers. But what is a Red Team Assessment and how does it differ from a Penetration Test?

Threat actors use an array of tactics so a Red Team Assessment needs to meet these threats head-on and simulate the methods they use. Fight fire with fire as it were.

Red Team engagements fully test the ability of your organisation, from its staff, technology and policies to identify and mitigate against a multitude of threat actors such as organised crime, insider threat, state-sponsored threats and advanced persistent threat groups. The red team consultants will assess the whole attack surface of your organisation, and identify areas where sensitive information and critical assets are at risk of compromise.

Red Team Assessments are capable of detecting many of the vulnerabilities that are often overlooked and inherently restricted by scopes in traditional testing methods due to the comprehensive simulation methods the consultants use.

Red Teaming will use a blend of attack tactics to challenge the virtual and physical defences of your organisation, deploying real-world tactics such as in-depth Open Source Intelligence (OSINT) gathering, Social Engineering (SE) campaigns, simulated malware and Ransomware Attacks, and physical intrusions on to company sites.

Using the industry recognised Red Team Framework, consultants tailor the assessment to meet the goals that reflect the risks and threats to your organisation.

The deliverable from a Red Team Assessment is a multi-vector threat analyse report which will offer your organisations technical teams and SOCs a full overview of your threat landscape, a step by step guide of vulnerabilities and breaches found by the consultants. Finally, it will present strategic and tactical recommendations to help further develop your security strategy and enhance your future response to potential attacks.

‍

Video/Audio Transcript

Learn Something New

Have a read of our blogs written by industry experts, covering topics from all areas in cyber.

New Academy Trainees First Week

This blog is written by our new academy trainees who have just completed their first week here at Pentest People. They have each written a paragraph to talk about how they have found their first week and what they hope to succeed in the next coming weeks.

Police Arrest LabHost Cybercrime Gang

This blog covers the most recent Cybercrime gang that have been arrested by police after fraudulent activity exposed. Our Incident Response expert comments on this and gives his opinion on this situation.

Roku Makes 2FA Mandatory for all After Nearly 600K Accounts Pwned

This blog highlights the importance of 2FA and how Roku have made it mandatory for all accounts after their recent attack. Featuring comments from our team members, the article includes expert advice on how crucial 2FA is.

Pentest People Gain NCSC Cyber Advisor Status

This blog highlights our achievement of becoming the first Leeds based cybersecurity company to achieve NCSC's Cyber Advisor Accreditation and a brief overview of what this means to us and our clients.