Proactive Understanding

In order to proactively address security gaps, and raise the bar in your defense, you need to first understand who is coming after you. It is critical to understand how they think and plan.

A big part of this understanding, is the knowledge that, to prevent you first need to understand what you are trying to secure.

Take a look at your adversaries, create a theoretical profile, and then take it to the field. Look at yourself as a target and how, based on the adversaries you just profiled, things can be exploited and manipulated. Figure out what you would do as a bad guy.

Take the adversarial approach of thinking.

Read More
Advanced Capabilities
The Four Elements of Red Teaming

Red Teaming, it the truest sense of it, it’s not static, like a good adversary, you have to adapt each time and remain fluid. Over the years, many people have tried, unsuccessfully, to create frameworks and checklists to “red team it”. But, as we’ve seen with pentesting, once you go this route, you become predictable. This is something a Red Teamer should avoid at all costs. Once you become predictable, you are no longer providing the right level of disruption that Red Teaming should bring to the world.

Once you follow a checklist, you are no longer mimicking attackers, you are just following and creating patterns. And patterns will make you fail. This doesn’t mean we, as Red Teamers, shouldn’t have a playbook, and use it to win. No. In fact, the more we can pre-game the game, the better we will perform, and the more successful we will be.

This is the reason behind the Four Elements of Red Teaming.

Read More
Advanced Capabilities
Why Thinking Like an Adversary?

Security is hard. The security world is full of things that are hard to control. Attacks can occur at any time and place, most of the time in places not of our choosing, and when the time is worst. These attacks usually involve adversaries of unknown size and capabilities, making it harder to have a fixed and solid plan to deal with them. These adversaries, during an active attack, can and will pivot from their initial point of entry or discovery, usually having more than one point of persistence.

Security is hard.

Read More
Advanced Capabilities