Red Team Testing focuses on identifying potential damage to your organization that a determined, directed attacker could accomplish. Our services serve as a tool to train your security team on identifying real indicators of an active attack.
Red Team Testing is a concept that derives its name from military jargon. Security experts with extensive training work with you to identify your goals to test your preparedness if threat actors decided to target your organization.
Red Team testing begins with identifying the primary goals that may include extracting or inserting sensitive, business critical data, attempting persistent access to try and compromise your devices or identifying whether it is possible to inflict reputation damage through website defacement or exposing your client data. Testers gather information for their tests using Open Source Intelligence by searching the internet for publicly available and personal employee information to plan their attacks on your organization the same way a threat actor would.
Next begins the collection of your target data, which is analyzed for potential technical, physical and social vulnerabilities. Exploits are then selectively executed to gather more information and control of your target assets. Compromised systems are used to establish persistence on your network, and to begin a new round of data collection within your environment. Information and access gained in early cycles is used to move the attacker closer to their objectives.
As opposed to traditional testing, which delivers a comprehensive review of all vulnerabilities and technical risks, during Red Team testing, Secureworks works with your organization to establish testing objectives (sometimes called trophies): specific, high-value systems or data that are the same business-impacting goals that advanced threat actors aim to achieve. The output from this testing will help your organization prioritize where to focus security efforts.
With Secureworks' Red Team Testing you can:
- Improve your team's organizational readiness
- Inspect current performance levels
- Improve training for defenders
- Increase end-user information security awareness
- Evaluate the effectiveness of your IT security defenses and controls
- Gain objective insights into vulnerabilities that may exist across your environment
- Multi-phased: unlike typical testing, we use multiple approaches over time to identify security gaps
- Goal-based testing: we work with you to identify goals or trophies to test your people, processes and technology
- Sophisticated testing: our blended threat scenarios help improve your readiness and training against threat actors
- Customized: we work with you to evaluate the effectiveness of your defenses and controls