Red Teaming

As attackers become more sophisticated, it is important that organisations assess their capability to resist and respond to cyber-attacks based on an understanding of the key threats they face. Red Teaming goes further than just identifying gaps in your security practices and controls to prevent an attack; it can also provide valuable insights about your organisation’s capability to identify attacks in progress and remove them from the environment.

Red Teams are usually external groups hired to make an impartial assessment of the network or system. Red teams challenge the current security policies. The customer sets the scope of the project to specify the area of information to be assessed.

The scope of the Red Teaming assessment can be very general or very specific when defining what the assessment will include or address. The scope of the project depends on time or cost of the assessment and/or on the objective of the assessment as defined by the customer.

Differences between Red Teaming and Penetration Testing

Penetration testing focuses on identifying as many technical vulnerabilities as possible in a pre-defined IT system that could leave your organisation open to an attack. While the aim of Red Teaming is not to find as many security vulnerabilities as possible. The goal here is either to find the most effective way to hack into a company or to achieve a specific goal (e.g. to be domain admin or to steal sensitive data),
Red Teaming aims to demonstrate how security controls and the internal security team can be bypassed.