Red teaming is a comprehensive, multi-faceted simulated attack assessing an organization's risk and vulnerabilities across personnel, processes, and technology. Ethical hackers identify and test weaknesses using social engineering and stealth, making it ideal for organizations with strong security programs seeking more than a standard penetration test. To maximize value, define at least five goals for testers, such as obtaining domain admin access, unauthorized payroll data access, compromising critical network components, deploying ransomware on test data, or accessing credit card or sensitive PHI information.
Red Teaming Approaches:
A timed approach where our team tries to get access to a specific objective or goal from the outside.
A split approach where our team sets a specific number of days to attempt to penetrate the network from the outside, followed by another specific number of days in an assumed breach scenario to see what damage can be done if someone obtains access.
During the test the engineer assigned to our case would notify us of any high-priority findings with detailed explanations of the risks right away. They were also quickly responsive to our emails during the test.