
RED TEAM
Why do a Red Team Exercise?
Red Teaming is a full-scope, multi-layered attack simulation designed to measure how well a company’s people and networks, applications and physical security controls can withstand an attack from a real-life adversary
It is done by Independent security teams to test how well an organization would fare in the face of a real attack.
A thorough red team test will expose vulnerabilities and risks regarding:
-
Technology — E.g. Networks, applications, routers, switches, appliances.
-
People — E.g. Staff, independent contractors, departments, business partners.
-
Physical — E.g. Offices, warehouses, substations, data centers, buildings.
After Action Report
Findings presented to management on:
-
Presentation to Senior Management / C-Suite:
-
Data Accessed and their criticality
-
System compromised
-
Credentials extracted
-
-
Value of information
-
Damages to organization in terms of reputation and monetary
-
Controls to be implemented
