What is it?
Red Teaming is an activity designed to subject an organization's ideas, plans, programs or assumptions to rigorous analysis, in order to identify incorrect assumptions and alternative options that were not considered, and to detect vulnerabilities or risks that may affect it.
Through Red Teaming, we give your organization's security team (Blue Team) the opportunity to defend against real attack scenarios in a controlled and constructive way. Using the tactics, techniques and procedures observed in recent real-world engagements, we evaluate your company's actual capacity to protect its critical assets, as well as its detection and response capabilities, covering technology, processes and people. This exercise allows you to train your Blue Team to react optimally to potential future real threats.
At Zerolynx we carry out Red Teaming services through two different approaches:
Red Team Operations: This approach consists of carrying out a complete attack, with the aim of achieving a series of objectives agreed in advance with the client. Normally, these objectives relate to the worst cases that could materialize at the business level. In this case, the attacking team performs all the common stages of an attack, from initial reconnaissance through to reaching the objective.
This approach is the most aggressive, and is recommended for those organizations that, having a higher level of maturity, want to test their ability to protect critical assets against targeted attacks.
Red Team for the evaluation of the SOC: This approach consists of simulating targeted attacks in each and every phase of the attack cycle, and can also simulate the behavior of one or several different malicious actors. The objective of this service is not to detect vulnerabilities, but to evaluate the company's detection and response capacity, for which a member of our team accompanies the SOC at all times to guide and evaluate its response.
This approach helps to detect deficiencies in the company's detection and response capacity, and to make investment decisions based on the evidence collected, so it offers significant value to all companies. Because it is less aggressive than Red Team Operations, it is especially recommended for companies with a lower level of maturity.