Significantly more sophisticated than an internal assessment, Red Team assessments simulate real-world, covert, multi-phase attacks as they would be performed by real and persistent criminals.
These assessments are based around “goals” agreed up front which have a significant impact on the focus of the assessment. Careful thought and planning need to go into the goals, considering possible security failures in your most important business functions. For example, a goal could be to gain access to a material amount of money, or secret business information, or large amounts of data under regulatory scrutiny. These goals are important for replicating a real-world attack, as real criminals have such motives. The methods used to attain these goals are as unrestricted as feasible, allowing for any likely attack scenario to be played out.View Brochure
Ongoing, real-world attack: Our ethical hackers attack an organisation’s users, web estate, public-facing applications and perimeter just like a determined and motivated attacker would while providing opportunities for defenders to test incident response and detection capabilities.
Post-exploitation actions on objectives: With a foothold inside the organisation, focus shifts to targeting specific IT infrastructure that would help in achieving a set of pre-determined goals. In contrast to the breadth approach in an internal network assessment, a Red Team assessment has a clear goal in mind, leveraging anything to help achieve that. With carefully thought through goals, this actions on objectives phase aims to help demonstrate risk by compromising important business-critical systems.