Assess your cyber resilience with a Red Team Exercise
In a Red Team Exercise, TrueSec hackers will target the complete attack surface: exposed servers, client-side attacks, physical intrusions, wireless attacks, etc. The intent is to reach a specific objective. The final goal is defined with the customer prior to the assignment.
Key aspects of a Red Team Exercise
- You will know what type of threat actors you should be worried about. Can a script kiddie enter your network, or does it take a nation state actor to succeed? Difficulty is measured by “sophistication level” necessary for the attack, based on standard frameworks.
- You will know if and when the attack is detected, so you can train your SOC. You will get time measurements answering questions like “how long time does it take before we detect the attack?”, “once they are inside, how long time does it take to perform internal escalation and reach the final target?”, “can we detect internal activities?”, etc.
Doing multiple Red Team Exercises over time will provide additional values: you will know how difficulty changes over time, whether your mitigations have an impact on the actual attacks, and whether your detection capabilities improve.
After the assignment
TrueSec can also help your SOC refine and trim their operations based on the attack activities that were not detected. This is a great training and improving opportunity for you SOC.
For more information or to set up an exercise with the TrueSec team, fill out the form.