What Is Red Team Service?
Our Red Team Service is an advanced offensive security service.
Our Red Team Service is an advanced offensive security service.
Penetration testing is typically performed against a predefined number of targets provided by our customers and tests known exploits against known vulnerabilities. This type of testing is limited in scope and time. By it's nature it's great for identifying vulnerable systems, networks, and systemic security issues but only scratches the surface in identifying your company's risks. In contrast, the goal of a Red Team Assessment is to test the company’s defenses, their detection and response capacities. TBG’s Red Team takes a broader approach by assessing the susceptibility to real-world attack methods such as using social engineering to gain access to valid user credentials, attacking adjacent systems (not just the web server), physical attacks against the office space, deployment of malware or conducting wireless networking attacks against a trusted office network. Upon breaching the system by any means necessary, TBG's Red Team will try to stay there as long as possible without being detected, while collecting as much sensitive information as possible.
TBG’s Red Team service is an annual subscription service.
Once engaged, TBG Security will assign a tactical Red Team manager (“TRM”) who will act as the technical lead and primary point of contact to the customer. The TRM will conduct an on-site introductory meeting to introduce the team, identify an organizational point of contact (POC), define rules of engagement, and work with key organization stake holders to define targets of interest for both the company and TBG’s Red Team. Testing activities will take place over the course of the year in much the same way an actual threat actor would. TBG’s Red Team engineers will conduct testing activities each month, and the TRM will report any findings, as they are discovered, to the POC within the organization and the TRM will organize periodic on-site meetings to review the findings and discuss best practices with the organization to detect, mitigate, and if possible prevent the attack from ever happening in the future.
At the beginning of each Red Team engagement, the TRM will conduct onsite review of your organization and discuss threats to your operational success with key stake holders.
OSINT consists of using publicly available services such as Google, Facebook, LinkedIn, DNS, WHOIS, RWHOIS, etc. to gleam potentially useful information.
Physical security testing assesses both physical security controls, and to some extent, personnel resilience to certain attack vectors.
Social Engineering testing is performed to test personnel security awareness, as well as to aid in other attacks.
Vulnerability tests will be run throughout the course of the year to aid in our penetration testing activities.
The TRM will organize on-site lessons learned meetings on an as needed basis. A presentation will be delivered that will highlight both strengths and weaknesses observed during the engagement.
TBG's Red Team has provided services across a number of industries from Fortune 50 companies to government agencies. We attribute our continued success to our process which allows us to better understand the needs of each of our clients. It’s our mission, with each customer, to assist them in understanding how their business processes and security requirements can coexist within their organization. Through our combined experiences across virtually all industries we bring a unique perspective and inherent familiarity with our client’s business thereby making the engagement as unobtrusive as possible.
Here are just some of our Certifications: