The ‘red-team’ penetration test simulates real attack scenarios (“Friendly Hacking”) by bypassing security defenses while remaining unnoticed until gaining a substantial holding of critical assets.
A ‘red-team’ penetration test encompasses several attack methodologies and expertise. These include network-level attacks, application-layer attacks, exploiting known vulnerabilities in software infrastructure (e.g., web servers, routers, operation systems), and social engineering techniques.
Some attack scenarios may include worm-like malware attacks to demonstrate these capabilities.
The scope of a ‘red-team’ is not limited to a specific system or IP address; it covers the entire organization the same way an external attacker would. Breaking the perimeter is only the first stage of a ‘Red-Team’ exercise. Hunting down ‘crown jewels’ inside your network while staying undetectable is the challenging part. Moving laterally around the network helps organizations test their detection capabilities, security architecture, and security systems configurations.
A red team's exercise results provide merely another list of vulnerabilities to address. However, it is far more optimal to gain a comprehensive and strategic view of the organization's overall security posture, highlighting its weakest links.
‘Red-Team’ exercises demonstrate the gaps in your organization’s security program and provide detailed strategies for improvement clearly and strategically.
Combining our Red Team activities with our Threat Intelligence capabilities provides our customers with a unique value, from uncovering adversary motives and tactics, to predicting likely attacks, weak spots, and vulnerabilities in systems, networks, and data-centers.
We help organizations prepare for a real-life attack scenario and to improve prevention, detection, and response time to advanced threats :
Every activity begins with an initial Reconnaissance and Threat analysis phase. Komodo’s team utilizes its proprietary technologies and methodologies to collect information about the organization’s attack surface at this preliminary stage. After gathering the information, Komodo creates a map detailing the results and their analysis, i.e., a list of possible targets and attack vectors, likely attack scenarios, and possible “weakest links”.
CRACKING THE PERIMETER
Based on the generated threat map, Komodo’s team will continue to try and gain control (operating system level) of an internet-facing server/system in the client’s DMZ by detecting and exploiting application/infrastructure level vulnerabilities.
& TROPHY HUNT
First, the team establishes an initial foothold on the operating system level. Then The team then demonstrates control over a system/server/workstation in the datacenter while installing persistence mechanisms that allow continuous acquisition of resources in the network as an Advanced Persistent Threat (APT) would.
Secure Your Web Applications, APIs & Mobile Apps
with Advanced Black Box Penetration Testing Services
FOR MORE INFORMATION
A security red-team is a test that aims to assess the security level of an organization and identify the main weaknesses in its security posture.
Komodo and our cyber intelligence researchers offer clients a turnkey solution that comprises real-time threat alerts, deep and complete analysis, and expert advice to assist them in handling and mitigating threats.
Incident response to Computer and Cyber Security events is one of KOMODO’s primary services and areas of expertise. Our team’s experience encompasses investigating large-scale intrusions performed by advanced threat groups.