Red Team Exercise
The Red Team Exercise Service emulates real attack scenarios. The purpose of the activity is to demonstrate whether and how a Threat Actor targeting an organization can damage the corporate business, using methods and techniques derived from real attack scenarios.
This activity, unlike traditional testing, uses an integrated approach to assess the organization’s security posture from different attack vectors.
Within the Red Team Exercise, the business-critical objectives, the scenarios to be simulated and the attack vectors to be used are defined together with the client.
A targeted attack is an operation in which a target is thoroughly studied in order to identify weaknesses and circumvent protective systems and processes, with the potential to harm the organization.
The following belong to this category of attacks: exfiltration of data (data leak), encryption of files for ransom (ransomware), establishment of a persistent channel for espionage or interception of company financial/operational information (APT), and reputational damage (web defacement, publication of confidential information, private personnel data).
The simulation consists of the following steps:
- Active and passive reconnaissance and information gathering
- Identification and analysis of weaknesses, and exploitation of vulnerabilities to compromise the integrity of the infrastructure and gain access to the network, using a variety of techniques: spear-phishing with malicious URLs or attachments, use of valid credentials obtained in the previous phase, and exploitation of vulnerabilities in exposed services and applications
- Escalation within the network to obtain the highest possible privileges or an agreed-upon goal
- Lateral movement to compromise other assets or accounts of other users
Understanding the effects of any successful attack can help clarify priorities in improving posture and resilience.
Understanding the danger domain of a vulnerability enables proper reassessment of access policies and other containment measures.
Even with trusted partners, the best way to test the validity of cyber defense services is to have them tested by a third party.