Once engaged, TBG Security will assign a tactical Red Team manager (“TRM”) who will act as the technical lead and primary point of contact to the customer. The TRM will conduct an on-site introductory meeting to introduce the team, identify an organizational point of contact (POC), define rules of engagement, and work with key organization stake holders to define targets of interest for both the company and TBG’s Red Team. Testing activities will take place over the course of the year in much the same way an actual threat actor would. TBG’s Red Team engineers will conduct testing activities each month, and the TRM will report any findings, as they are discovered, to the POC within the organization and the TRM will organize periodic on-site meetings to review the findings and discuss best practices with the organization to detect, mitigate, and if possible prevent the attack from ever happening in the future.
Threat Modeling
At the beginning of each Red Team engagement, the TRM will conduct onsite review of your organization and discuss threats to your operational success with key stake holders.
Open Source Intelligence
OSINT consists of using publicly available services such as Google, Facebook, LinkedIn, DNS, WHOIS, RWHOIS, etc. to gleam potentially useful information.
Physical Security Testing
Physical security testing assesses both physical security controls, and to some extent, personnel resilience to certain attack vectors.
Social Engineering
Social Engineering testing is performed to test personnel security awareness, as well as to aid in other attacks.
Vulnerability Testing
Vulnerability tests will be run throughout the course of the year to aid in our penetration testing activities.
Lessons Learned
The TRM will organize on-site lessons learned meetings on an as needed basis. A presentation will be delivered that will highlight both strengths and weaknesses observed during the engagement.