Red teaming is a great way to test the effectiveness of your security operations and cyber response teams in a realistic, secure and safe way. Designed to simulate a real cyber attack our experts can provide your staff with a scenario which will allow them to grow and gain confidence in their own skills and confirm the effectiveness of cyber incident response plans.
It is now widely known that the cyber threat facing organisations has evolved beyond perimeter infrastructure and application layer attacks and is now focussed upon attempting compromise using sophisticated attack methods.
Attacks are now targeted against specific people within the organisation and utilise custom malware which will evade common Anti-Virus signatures, which are designed to exploit known weaknesses with ingress and egress communications from the target. Additionally, attackers are combining physical and virtual exploit methods to successfully achieve compromise of their targets.
The Prism Infosec Red Team Service will simulate a number of potential cyber attacks on your organisation, over an agreed period of time. This is commonly delivered with only a minimal knowledge footprint of the attacks within the customer, typically just the point of contact for the service, the information security manager or head of audit.
The service includes a start-up engagement between our principal consultants and the nominated contacts within the customer to discuss the planning and scheduling of the assessments, the amount of agreed prior knowledge associated with the tests (often zero) and elements that will be targeted. It will also include how we will measure the effectiveness of incident handling, in particular the response that we should observe if our attacks are properly identified.
The red teaming assessments include profiling the organisation and its staff using Internet open source discovery methods, identifying security weaknesses with building physical security controls and network access controls. It will investigate handling of simulated (safe) malware into the organisation and resistance to using command and control techniques to compromise internal resources. Additional execution of infrastructure and application layer assessments will be conducted at given intervals which will be delivered with ‘low noise’ to determine effectiveness of protective monitoring and incident handing capabilities.
The service deliverable shall be executive and technical reports clearly identifying physical, technical and procedural risks associated with the organisation (potentially on a global scale), alongside practical, pragmatic, clear and concise recommendations on how to effectively manage them moving forward. Furthermore, we will deliver a presentation to executive and/or technical staff on our findings and recommendations.
Email Prism Infosec, complete our Contact Us form or call us on 01242 652100 and ask for Sales to setup an initial discussion.