Assess Your Cyber Resilience with a Red Team Exercise
In a Red Team Exercise, Truesec ethical hackers will target the complete attack surface: exposed servers, client-side attacks, physical intrusions, wireless attacks, etc. The intent is to reach a specific objective. The final goal is defined with the customer prior to the assignment.
Key Aspects of a Red Team Exercise
- You will know what type of threat actors you should be worried about. Can a “script kiddie” enter your network, or does it require a nation-state actor to succeed? The difficulty is measured by the sophistication level necessary for the attack, based on standard frameworks.
- You will know if and when the attack is detected, so you can train your SOC (Security Operations Center). You will receive time measurements answering questions like “How long time does it take before we detect the attack?”, “Once they are inside, how long time does it take to perform internal escalation and reach the final target?”, and “Can we detect internal activities?”, etc.
Conducting multiple Red Team Exercises over time will provide additional value; you will know how the difficulty changes over time, whether your mitigations have an impact on the actual attacks, and whether your detection capabilities improve.
Following the Assignment
Truesec can also help your SOC refine and trim their operations based on the attack activities that were not detected. This is an excellent training and improvement opportunity for your SOC.
For more information or to set up an exercise with our team, contact Truesec today.