Security vulnerabilities aren’t always to do with infrastructure alone, human error can play a potentially dangerous role in opening up your assets to exploitation. That’s where red team assessments come in.
A red team assessment is designed for large, and/or complex, organisations managing a diverse range of sensitive assets through physical, technical or process-based systems. The outcome of the assessment gives you the opportunity to see how cybercriminals may infiltrate your sensitive data, network and physical environment, and how well-prepared your incident response team are to react to malicious attacks.
What is a red team assessment?
A red team assessment is essentially a real world penetration test from a hacker’s perspective, also referred to as ethical hacking. It encompasses
- Open source intelligence gathering
- Automated scanning
- Manual penetration testing
- Social engineering
The test-target can be the technology, staff or the physical premises.
Vulnerabilities found via any of the 4 methods above can appear to be small issues on their own, but, when they’re organised into a strategic pathway, a cybercriminal can cause significant damage to a business and it’s assets. It’s up to the expert pen tester to expose the potential attack paths and assess exactly what’s at stake if an attacker were to be successful.
Following completion of a red team assessment, the security consultants will produce a custom report that highlights all issues identified, how they tie together, their risk levels and recommendations regarding how to remedy them.
The client will then have the chance to go through the issues and apply the necessary fixes. Typically, the process stops there, but, at Aardwolf Security, our penetration testers always organise a free retest, and update the existing report to include which issues have been remediated.
Why is a red team assessment important?
A red team assessment is different from a regular penetration test as it explores a company’s IT infrastructure as a whole, testing not only the system, but people and processes as well. It’s a rare opportunity to receive this kind of holistic view of your organisation, even through other trusted methods of cybersecurity or penetration testing, making the red team assessment one of the most valuable security measures available.
As the assessment takes social engineering into account, it provides a comprehensive and tangible test environment to put your security operations team through its paces. Is your IT security department equipped to react to an advanced threat? Will a hacker masquerading as a temporary employee get caught in time? How many employees would insert an infected USB stick into a work computer, inadvertently opening up your assets to the enemy? A red team assessment will provide all the answers.
How long does it take to perform a red team assessment?
There are numerous factors that influence the scoping of a red team penetration test, the main factors being:
- Number of business locations
- How large a client’s digital footprint is
- Number of websites and endpoints
- Number of users
- Network size
Our assessment process
At Aardwolf Security, our team of experienced, CREST-accredited penetration testers will design a bespoke strategy, based on your organisations complexity, needs, and goals. We use automated, manual and creative techniques to simulate various types of threat actors, to make sure the resilience of your physical and digital infrastructure is tried to the highest standard.
Using a collaborative approach, we determine the organisation’s objectives for the assessment, and outline any operational boundaries.
In this stage, we use manual and automated techniques to gather intelligence regarding your organisation from public sources of information, to get an idea of how a criminal might map out their attack. This informs the appropriate attack simulations for the assessment.
Next, we implement the controlled attack. Our team of professionals attempt to gain access to your network and penetrate the systems that hold the target information and assets defined by you in the scoping stage of the process. The assessment is done using a secure channel to protect your data as we evaluate your security controls.
After the red team have recorded the event, documenting the systems, tools, and methods of attack, they remove any executables or other files used in the attack, and help the client restore said systems to their initial states.
We provide a detailed report of our findings, creating a hierarchy of priority risks, with a comprehensive list of appropriate recommended solutions, ready to be handed over to a web developer.
Rare in the penetration testing industry, we offer a free retesting service as part of our process. Once the web developers have implemented the recommended solutions, we retest your infrastructure to make sure it’s water-tight, and update the report to sign off the fixes.
How much is a red team assessment?
The cost of our red team assessment service is calculated by the number of days a penetration tester will take to fulfil the agreed scope.
The number of days and a free online quote can be determined by filling out our penetration testing scoping form, or you can message us through our contact form to arrange a scoping call with one of our Senior Consultants.