Red Teaming Modular
Are you up for the next step after pentesting? This modular approach uses the strengths and benefits of a full-scale Red Team assessment by picking the most relevant attacks for your organization. The stealth of the Red Team is secondary to obtaining objectives. This, combined with more information about your organization up front, results in an attractive budget while still targeting your employees’ security awareness and your organization’s digital security.
Red Teaming Core
Red Teaming Core is a full-blown attack simulation for medium to large businesses that employ their own Blue Teams. This type will condense extensive threat landscape analysis and reconnaissance into challenging attack scenarios. These scenarios are based on real-world threat actors, and Secura will emulate these groups by using similar Techniques, Tactics, and Procedures (TTP’s) as defined in the MITRE ATT&CK Framework. To stay within an attractive budget, so-called Leg Up’s are discussed up front to make sure the assessment can continue when your defenses in a specific area are already sufficient to delay the Red Team enough.
Red Teaming Pro
The Pro variant of Red Teaming is a step up for organizations with very mature Blue Teams and a high level of cyber resilience. Attacking a mature organization such as yours requires much more effort by the Red Team to, for example, deploy malware that bypasses your EDR solution. Here the Red Team works as a completely independent group, and Leg Up scenarios are only used as a last resort. The Red Teaming Pro is the most realistic simulation of attacks by Advanced Persistent Threats (APTs) against your organization.
Red Teaming in OT
Similar to our Red Teaming Pro service, but specifically focused on generating a low volume and simulated high impact events on your ICS and SCADA control systems. Attackers targeting these environments use different tactics, resulting in a tailor-made process that mitigates any operational environment risks.
Read more about Red Teaming in OT.
TIBER stands for Threat Intelligence Based Ethical Red Teaming and is part of the financial sector’s effort to improve cyber resilience under the guidance of the Dutch National Bank. Also, more cyber security frameworks and regulations mention TIBER-like tests for other sectors. Secura will work with you to ensure that your organization will be tested according to the correct requirements.
Secura’s experience in Red Teaming, combined with our capabilities, passion, and TIBER-specific experience, provides our customers with the best possible basis for the clean, solid execution and management of TIBER engagements. Therefore Secura is capable of functioning as Red Teaming Provider (RTP), complying with the requirements for Red Teaming Provider (RTP) in the TIBER-NL guidelines.
Read more about TIBER.
ZORRO stands for "ZOrg Red teaming Resilience Exercises." This framework, developed by Z-CERT, aims to structurally improve the cyber resilience of participating healthcare providers and the healthcare industry in general.
Secura offers a cost-effective testing program that meets the requirements of the ZORRO methodology. To be able and allowed to test under ZORRO, agreements have been made in advance between Secura, Z-CERT and the healthcare organization.
Secura confronts your crisis management team with a challenging but realistic cyber threat incident to test cooperation and coordination. During a one-day tabletop session, your team will be presented with so-called injects, providing a realistic feel in a simulated and controlled environment. Such a tabletop session is beneficial for developing your cyber crisis management skills and preparing the team for other high-impact incidents.