Red Teaming


Red Teaming is an exercise that focuses on the attack process to compromise a company’s critical business assets using means that a malicious actor might utilize in a legitimate attack. Prescient Security Red Teaming is designed to give our client a realistic view into the potential attack vectors and threats from a holistic perspective rather than the narrow scope of most penetration testing.

Our advanced penetration testing team focuses on the following areas:

  • Effective attack plans to successfully compromise a company’s critical business assets

  • Identifying vulnerabilities existing in Company’s network, applications, devices, and personnel

  • Effectiveness/weaknesses in Company’s security detection capabilities - monitoring and alerting policies and procedures

  • Prioritize demonstrated impact for your future security initiatives

Methodology

Information Gathering

Black box open source intelligence - inclusive but not limited to:

    • Network information: Public IP ranges, hosting providers, open ports and services

    • Application information: web or mobile apps and API endpoints

    • Personnel information: Publicly accessible email addresses, phone numbers, roles and identities

    • Devices information: IoT devices on network

    • Physical information: building peak hours, company badges/identification, physical security policies/measures, points of entry, dress code, etc

    • Wireless information: SSIDs, authentication, etc

Plan of Attack

Translating footprint into a plan - inclusive but not limited to:

    • Investigating cloud services for any misconfigurations

    • Mapping potential manual attack-vectors for identified vulnerabilities

    • Testing for weak or default credentials on authentication forms

    • Developing social-engineering pretext scenarios/physical entry vectors

Execution

Implementing attack options across all relevant vectors - inclusive but not limited to:

    • Manually attacking services with previously identified and mapped vulnerabilities

    • Compromising systems

    • Using discovered credentials or brute force to access any servers or network systems

    • Targeting personnel using various social engineering techniques – phishing, pretext calling, etc

    • Accessing facilities or sensitive areas by evading security policies and processes

Detailed Report

Exploitation likelihood and potential impact, Recommendation & Mitigation Plan Development

    • Per vulnerability

    • Per attack/exploit vector