The purpose of our Red Team is to simulate unauthorized access to corporate systems through a sponsored external attack, a classic penetration, long-term persistence, privilege escalation in corporate systems, and even alteration and theft of strategic business information. The Red Team periodically reports its findings, along with actions taken and planned, to a select group of people as directed by the client, so that they always stay updated on the campaign's progress and receive first-hand information on the performance of the defending team (Blue Team).
Continuous evaluation of the security posture
Continuous testing and permanent alerting of the SOC monitoring service
Staff training on realistic offensive scenarios
Catalog of tests on different attack vectors
Strategy development through kill chain controls
Initial compromise from the perimeter. This task is continuous throughout the service to discover new attack vectors.
Setup and execution of different attacks based on scenarios (insider, corporate laptop theft, suppliers...).
Identification and selection of targeted attacks against critical assets, which may include controlled infection through APT.
Analysis of results and development of strategies for mitigation and operational improvements.
RED TEAM LABS
From 0-day to exploit
Research and discovery of new vulnerabilities (0-day) in company technologies.
Development of advanced tools, exploits and custom malware to simulate the TTPs used by different threat actors (from standard attackers to APT groups).
RED TEAM INTEL
Asset discovery, technology fingerprinting and information leakage detection.
Continuous task throughout the service to detect new assets or leaks that may lead to new attack vectors.
New findings are fed back into the discovery process.