The Privasec Red guys have been ethically breaking into networks and premises to help organisations identify critical gaps in their security implementation. Using realistic attack techniques and methodologies that are tailored to each of our customers, the team consistently obtains physical and electronic access to various forms of sensitive information. In most cases, the Privasec Red Team been able to compromise clients by using cheap and simple techniques that can be easily protected against.
Red Teaming vs Penetration Testing
Here is a summary of how Red Teaming differs from Penetration Testing:
- As opposed to traditional testing, Red Team attacks are multi-layered and focus on objectives rather than on the method.
- Red Teaming allows room for creating innovative scenarios to achieve the objectives. This approach helps identify blind spots in defence strategy and thus increase cyber resilience.
- Penetration Testing is based on a specific set of roles as opposed to red teaming where the primary goal is to achieve objectives.
Cyber-attacks have become more targeted and financially motivated than ever before. The random whiz-kid has made way for disciplined and well organised criminal groups for hire to the highest bidder. Red Team attack are the most realistic way to test the resilience of not only your IT controls (firewalls) but also people, processes and facilities.
Our Open Source Intelligence (OSINT) gathering techniques have also discovered assets and leverage points that our customers were previously unaware of, helping bring unknown exposures and risks to light. In many cases, basic security vulnerabilities can be eliminated through improved employee awareness. We have been providing practical advice to our customers and assisting them in raising their level of awareness by conducting executive and staff level presentation and training, sharing our war stories and demonstrating attack and defence techniques.
Learn more about Privasec Red Team members here.