Talk to a Security Expert Now: (800) 721-9177

Red Team Assessment

A full scale ‘no holds barred’ attack against your organization, in order fully understand security risk and threat impact.

TALK TO AN EXPERT

Summary

Advanced ‘Red Team’ assessments utilize an incredible amount of human security engineering expertise to fully understand the threat impact of a real cyber-attack against your organization. If you need a full scale ‘no holds barred’ cyber attack launched at your organization or specific assets, Redspin’s Red Team assessments offer unparalleled insights into your security posture.

Each Red Team engagement is unique and specifically tailored for every organization, but usually include the following scopes of work:

  • Internal and External Network Penetration Testing
  • Web, Mobile, and SaaS/Cloud Application Penetration Testing
  • Social Engineering (Phishing, Vishing, Phone, In-Person)

Red Team Overview

Within each of the scopes of work, a Red Team assessment analyzes and assesses the following areas:

Identify Data Leaks

— Initially through ‘zero packet reconnaissance’ and open source intelligence (OSINT) vectors.

Assess Security & Attack Vectors

— Initially of Internet-facing networks by probing open ports and services.

Attempt exploits

— Initially any vulnerable or misconfigured systems, services, and infrastructure.

Social engineering

— Gather information and pivot to internal networks through phishing, vishing, phone, and in-person based campaigns.

Physical Security

— Facility/location breaches through the use of long-term surveillance and intelligence gathering.

Redspin’s Red Team uses decades of combined experience, best practices, top-shelf tools, and the latest threat intelligence to give you comprehensive security testing and findings. The result from this process is usually compromised networks and applications. The deliverable is an actionable, risk-rated, and prioritized report with detailed recommendations to understand overall risk and potential impact on the organization.

Red Team Assessment Methodology

Phase 1: Passive Reconnaissance: Zero Packet Reconnaissance and Open Source Intelligence (OSINT)
Phase 2: Active Reconnaissance: Network Scanning, Surveillance, and Social Engineering
Phase 3: Infiltration: Exploitation of Infrastructure, Applications, and Employees
Phase 4: Internal Network Pivoting and Exploration: Expand access and control, identify sensitive data
Phase 5: Data Exfiltration: Demonstrate data is accessible and can be stolen without detection

TALK TO AN EXPERT

Penetration Testing Services

Redspin’s security assessment services are designed to lower risk and protect data. By tailoring the right combination of network/infrastructure, application/service, and personnel security testing… We can ensure the best return on your investment.

Penetration Testing

Comprehensive risk, vulnerability, and penetration testing intelligence with prioritized risk-rated recommendations.

Learn more

Red Team Assessments

Our most comprehensive security assessment, combining penetration testing, application security testing, and social engineering.

Learn more

Application Security

Get world-class security engineers to test vulnerabilities in your web, mobile, & cloud applications.

Learn more

Social Engineering

OSINT, phishing, vishing and physical campaigns to pinpoint your vulnerabilities and promote awareness and education.

Learn more