Red Team Engagements
Full spectrum testing, using a targeted, opportunistic approach.
Red Team Engagements are commonly misconstrued as traditional penetration testing. Some of the facets of Red Team Engagements are similar to penetration testing: an adversarial perspective is employed in an attempt to gain unauthorized access to systems and data. However, Red Teaming involves a more focused, goal oriented effort. This type of testing is meant for organizations with a very mature security posture, that have undergone numerous assessments. These organizations desire to test incident response teams and processes, and see how their security controls can withstand a focused persistent threat.
Red Teaming is also meant to be fully evasive, and clandestine. Rotas emphasizes a non-attributable approach to testing. This type of assessment does not provide a holistic view of an organization’s overall security posture; it is meant to show what a focused adversary could accomplish with near-real world assessment conditions. Threat actor tactics, techniques and procedures are implemented in an attempt ot execute a covert assessment, and simulate a determined adversary. In the event that the Red Team activity is identified, the assessment can transition to a collaborative event, wherein active attacks are coordinated with security personnel in real-time. This can provide valuable intelligence, and allow security teams to better tune their detective controls, in real-time.
The full-spectrum nature of Red Team Engagements typically includes a wide scope for the assessment. Technical, logical, personnel, and physical attack surfaces are commonly in-scope, affording the Red Team Assessor a myriad of avenues of attack. In some instances, fully remote Red Team Engagements can also be employed.