Real Insight in Real Time: How AI is Changing the Way We Manage Cyber Risk
Across the tech-sphere it has become abundantly clear that Artificial Intelligence is now a driving force, even more-so across the cybersecurity landscape. With this great leap in technology, AI is being leveraged on both sides of the battle. But how? AI is now being used both as a tool for defence and, increasingly, as a […]
It’s Not Just About Breaking In: A Deep Dive into the Red Team Manager Mindset
In the world of cybersecurity, red teaming is often seen as the pinnacle of offensive security – a live-fire exercise where skilled operators simulate real-world adversaries to test a company’s defences. But behind every successful red team engagement is a role that is often overlooked yet absolutely critical: the Red Team Manager. This post explores […]
Why bother with Physical Breach Tests?
A physical red team (breach) test is a real-world simulation of a physical breach. Think: tailgating into a secure office, picking locks, planting rogue devices, or accessing server rooms without authorisation. Unlike standard security audits, red teamers think and act like real adversaries – covertly probing for the weakest link in physical security protocols, policies, […]
AI and Red Teaming
Red teaming is still fairly young as far as cybersecurity disciplines go – most of us in this part of the industry have come in from being penetration testing consultants, or have some sort of background in IT security with a good mix of coding and scripting skills to develop tools. Our work often requires […]
Cyber Threats & The Boardroom
In cybersecurity, the prevalent and growing threat from criminals is ransomware operations. This is where a threat actor manages to establish a foothold into an organisation, will try to position themselves to gain control of the organisation’s data, will often steal some or all of that data, and then encrypt as much of it as […]
Prism Infosec Achieves CBEST Accreditation
Prism Infosec, an established CHECK accredited Penetration Testing company, is pleased to announce that we have achieved accreditation status as a Threat-Led Penetration Testing (TLPT) provider under the CBEST scheme, the Bank of England’s rigorous regulator-led scheme for improving the cyber resiliency of the UK’s financial services, supported by CREST. This follows our recent accreditation […]
Capitalising on the Investment of a Red Team Engagement
Cybersecurity red teams are designed to evaluate an organisation’s ability to detect and respond to cybersecurity threats. They are modelled on real life breaches, giving an organisation an opportunity to determine if they have the resiliency to withstand a similar breach. No two breaches are entirely alike, as each organisation’s organic and planned growth of […]
Prism Infosec Achieves STAR-FS Accreditation
We’re thrilled to announce that Prism Infosec is now an accredited provider of STAR-FS (Simulated Targeted Attack & Response assessments for Financial Services), the threat-led penetration testing and red teaming framework launched by the Bank of England, PRA, and FCA this year for the UK finance sector. The STAR-FS scheme represents a significant step forward […]
Red Team Scenarios – Modelling the Threats
Introduction Yesterday organisations were under cyber-attack, today even more organisations are under cyber-attack, and tomorrow this number will increase again. This number has been increasing for years, and will not reverse. Our world is getting smaller, the threat actors becoming more emboldened, and our defences continue to be tested. Any organisation can become a victim […]
Red Teams don’t go out of their way to get caught (except when they do)
Introduction In testing an organisation, a red team will be seeking to emulate a threat actor by achieving a specific goal – whether that is to gain administrative control of the network and prove they can control backups (a kin to how many ransomware operators work), through to proving access to financial systems, or even […]
