Red Team Assessments
Ember Lake’s approach to penetration testing and vulnerability assessments are based upon guidance outlined within NIST SP 800-53 and industry-backed best practice. Years of fine-tuning results in an all-encompassing approach to identify vulnerabilities and misconfigurations affecting external and internal network devices.
Red Team Assessments are meant to test internal IT teams on the effectiveness of technical and procedural controls when responding to threats. These assessments use a variety of techniques to test response times and measures by internal IT, colloquially known as the “Blue Team”. The techniques employed by the offensive team (Red Team) are true to life and emulate attack vectors Advanced Persistent Threats and hacking groups are known to use. All Red Team Assessments are intended to be collaborative with the organisation’s key stakeholders, but also kept secretive from the Blue Team as to not taint the validity of reactions.
Our offensive team will attempt to bypass these controls using a combination of phishing, hacking, physical access, and open-source intelligence. Our assessment is broken down into three major phases:
- Reconnaissance – performing open-source intelligence against the organisation’s footprint, its employees, and presence online will give the Red Team an understanding of what attack vector may be the most successful.
- Persistence – after defining the plan of attack, the Red Team will attempt to gain persistence into “No Man’s Land”, defined within the scope, to retain persistence and move laterally throughout the network until a winning scenario is determined.
- Results – all results are compiled into a deliverable meant to be digested by senior leadership, containing methodologies, tools used, reactions by the Blue Team, identified gaps, and recommendations to further strengthen the organisation’s response.
Want to know more?
Contact us today to speak with one of our cyber professionals to see how Ember Lake can help.