Security Testing

What is Red Teaming?

Red Teaming (a.k.a. Objective Based Penetration Testing) is an adversarial attack simulation against an organisation. It requires a holistic overview of the organisation and is designed to achieve a specific objective.

The primary goal of the exercise is to assess the organisation’s ability to prevent, detect and respond to cyber-attacks and discover potential weaknesses that may not be identified through standard vulnerability and penetration testing exercises. A thorough Red Teaming exercise will expose vulnerabilities and risks regarding technology, people, process and physical.

Red Teaming serves to complement other forms of security testing (e.g. penetration test, vulnerability assessment, code review) and should be incorporated into the security testing exercise of an organisation as it grows in its security maturity level.

img-red-teaming

Difference between
penetration testing & red teaming

Objective of this assessment

Build stronger resistance against cyber attacks
Identify security gaps in people, process, and technology
Achieve purple team

Approach & Methodology

The proposed objectives for Red Teaming are commonly based on MITRE ATT&CK Framework

Initial Access
Execution
Persistance
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Collection
Command and Control
Exfiltration
Impact

Case Studies

Find out how softScheck’s team of security professionals achieve its Red Teaming objectives by testing our client’s cyber security abilities against real-world targeted attack.

Singtel’s Zero-Day Cyberattack – Anticipate OR Re-Act to Attacks?

Singapore’s telecom giant, Singtel, has fallen victim to a zero-day cyberattack which stemmed from security bugs in a third-party software – the Accellion legacy file-transfer platform.

Read customer’s SMS

We discovered a critical vulnerability on the corporate web ui of the mail server hosted on premise.