RED-TEAM PENETRATION TESTING
The ‘red team’ penetration test simulates real attack scenarios (“Friendly Hacking”) by bypassing security defenses while remaining unnoticed until a substantial holding of critical assets is gained.
A ‘Red-Team’ penetration test encompasses several attack methodologies and expertise, these include network-level attacks, application layer attacks, exploiting known vulnerabilities in software infrastructure (web servers, routers, operation systems, etc.) and social engineering techniques.
Some attack scenarios may include worm-like malware attacks to demonstrate these capabilities.
The scope of a ‘Red-Team’ is not limited to a specific system or IP address, it covers the entire organization the same way an external attacker would. Breaking the perimeter is only the first stage of a ‘Red-Team’ exercise. Hunting down ‘crown jewels’ inside your network while staying undetectable is the challenging part. Moving laterally around the network help organizations to test their detection capabilities, security architecture, and security systems configurations.
The results of a ‘Red-Team’ exercise are just another list of vulnerabilities that needs to be addressed but rather a wide and strategic view of the organization overall security posture, highlighting it’s weakest links.
‘Red-Team’ exercises demonstrate in a clear and strategic way the gaps in your organization’s security program and provide detailed strategies for improvement.
Combining our the Red Team activities with our Threat Intelligence capabilities provides our customers with a unique value, from uncovering adversary motives and tactics, through to predicting likely attacks, weak spots, and vulnerabilities in systems, networks, and data-centers.
We help organizations prepare to a real-life attack scenario and to improve prevention, detection and response time to advanced threats :
Every activity begins with an initial Reconnaissance and Threat analysis phases. At this preliminary stage, Komodo’s team utilizes its proprietary technologies and methodologies to collect information about the organization’s attack surface. After gathering the information, Komodo continues to create a map detailing the results and their analysis, i.e. a list of possible targets and attack vectors, likely attack scenarios, and possible “weakest links”.
CRACKING THE PERIMETER
Based on the generated threat map, Komodo’s team will continue to try and gain control (operating system level) of an internet facing server/system in the client’s DMZ, by detecting and exploiting application/infrastructure level vulnerabilities.
& TROPHY HUNT
Once an initial foothold has been established on the operating system level. The team will demonstrate control over a system/server/workstation in the datacenter while continuing to install persistence mechanisms that allow continuous acquisition of resources in the network in the same way an Advanced Persistent Threat (APT) would.
Incident response to Computer and Cyber Security events is one of KOMODO’s main services and areas of expertise.
FOR MORE INFORMATION
A security red-team is a test that aims to assess the security level of an organization, identify main weaknesses in its security posture
Komodo and our cyber intelligence researchers, offer clients a turnkey solution that comprises real-time threat alerts, deep and full analysis, and expert advice to assist them in handling and mitigating threats.