Red Teaming is the art of thinking like the adversary, finding what that adversary will do, and go do it before they have a chance. In doing so, red teamers help build resiliency and create an overall more secure organization.
There are a few things you should consider when you begin to engage a new project, or while deep into an assessment. These things can be applied to all domains of Red Teaming, from digital to physical to human.Read More
Sure, you write the report, you list the findings and their solutions, you wrap it up with a good executive summary, pictures of the engagement and a closing statement. But, is that it? Is your job done?
From the Yahoo breach of 3 billion accounts, to the JP Morgan intrusion, to the recent Equifax attack, the frequency and scale of attacks is increasing. And there is no sign of stopping.
As you watch company after company essentially falling victims, and unable to deal properly with these crises, it is becoming evident that current security testing and methodology needs to evolve.
Almost every organization today uses firewalls and other network/security devices to enforce perimeter security. The perimeter, that *public facing layer* designed to keep attackers outside, was designed at a time when attacks were still uncommon (or rather they remained undiscovered for long time) and security was and afterthought.
That perimeter is no longer relevant today. When that perimeter is breached - and it always is - an attacker has almost unrestricted access to the organization’s internal network and systems.