Selcouth Cyber Security Services Private Limited

Red Team Assessments

Background

What is a Red Team Assessment?

Red teams simulate real-world attacks to verify that the organization can detect them and take the necessary action before they cause any damage.

Red teaming focuses on three attack surfaces:

  • People (e.g., tricking a security guard into granting entry, phishing an employee, etc.),
  • Physical locations (e.g., lock picking tricks, etc.),
  • Technology (e.g., application hacking, etc.).

Scenarios of a Red Team Assessment

Scenario 1: 

Breach into the organization from outside and simulate the damage.

Scenario 2:

Working with an assumed breach mentality, i.e., an attacker who has already conducted the breach and is present inside the organization, looking to move laterally in the network, find sensitive information and exfiltrate the data to an external location for later use.


Approach to a Red Team Assessment

We assess the security operations centre (SOC) team's incident detection and response capabilities. The assessment is a no-holds-barred style of exercise (excluding attack vectors that may lead to service outages) where the success criterion is to gain access to critical assets or crown jewels within the target organization.

Through our Red Team Assessment services we aim to provide our clients with:

  • A real-world perspective of known threat actors.
  • A holistic review of security controls.
  • An evaluation of security incident detection & response capabilities.

Our attack vectors are designed to simulate threats from three primary attack sources:

  • Organizations usually have assets exposed online to provide services to their users. A compromise of any one asset could potentially give an attacker a foothold into the organization.
  • Humans are, by far, the weakest link in any given security chain. The objective is to manipulate an individual in the organization into following and/or performing actions that may result in potential loss of information or lead to a foothold into the organization's infrastructure.
  • Gaining physical access to an environment can reveal sensitive information about the internal functions & processes of an organization. Furthermore, certain weaknesses can only be identified if physical access to a location is gained.