Red teaming
A Red Team Exercise is designed to reveal vulnerabilities in a company’s security through hands-on testing, uncovering exposure and blind spots in the defenses of your processes and network safety. Red Team exercises differ from penetration testing in that they don’t focus on a single application or system, but instead set out to exploit multiple systems and potential avenues of attack. The gloves are off, and “Think like an attacker” is the rule of play. Usually, Red Teams are part of your internal security team, though sometimes they can be from external or dedicated agencies. While thinking like an attacker, a Red Team group acts as (and provides security feedback from the perspective of) a malicious threat or challenger. It’s up to the business’s dedicated security team – the Blue Team – to provide a suitable response in detecting, combating, and weakening their opposition. Prior to the Red Team exercise, it’s usual that the Blue Team won’t know the plan or what is coming. This is in order to make the exercise as realistic as possible.