Search
Our services

Red Team Assessments

There are several aspects that differentiate a red team assessment from a traditional penetration test. The biggest difference is that the focus is not placed on one application or system but on all assets of a company alike. It does not matter whether that is an IT system, an employee, a site or a business within the holding structure.

Instead, priority is given to the simulation of real attacking techniques and tactics. For this purpose, precise targets are usually defined that should be reached by the red team. For instance, accessing a certain system or a database containing sensitive information.

The assessment then goes through all the relevant phases of the so-called cyber kill chain to achieve the targets: from information gathering to planning, preparing and, finally, carrying out the attacks. Which way is used to reach the goals is not necessarily relevant; therefore, several vectors can be covered. Typically, this includes attacks against externally accessible services and cloud environments, phishing attacks, physical attacks on site and actively using social engineering.

In contrast to penetration tests, a red team assessment does not aim to identify as many vulnerabilities as possible in a specific test object. Instead, integral deficits concerning prevention as well as detection capabilities and responsiveness should be pointed out. This is why the red team primarily chooses “silent” attacking techniques and forms, which is different from traditional security assessments; red team assessments therefore also tend to take place over a longer period of time.

Due to the aforementioned conditions, this form of assessment is aimed at companies that have already implemented mature measures to prevent, detect and respond to a security incident.

Possible Variations

cirosec offers to perform individual red team assessments. Possible forms of assessment are listed in the following for orientation purposes:

Traditional Red Team Assessment

Includes all phases incl. comprehensive information gathering.

Compact Red Team Assessment

Without comprehensive initial information gathering in order to reduce the effort. Instead, relevant information is obtained in a joint workshop.

Red Team Assessment According to TIBER-DE or TIBER-EU

In this form of red team assessment, we base the implementation entirely on the TIBER-DE or TIBER-EU framework. Further information can be found at:

Do you want to protect your systems? Get in touch with us.
Search
Search