Red Teaming

Suppose you want to know how good you are at detecting spearphishing attacks by sophisticated cybercrime actors or whether your detection capabilities are indeed seeing Advanced Persistent Threats (APTs). In that case, there is only one way to know: to test these processes by performing these attacks as a malicious attacker would. The Red Team will simulate the attack. The Blue Team, responsible for defending, can be involved in various ways (or not at all). The White Team (the observers) can escalate and de-escalate when necessary.

Red Teaming Modular

Are you up for the next step after pentesting? This modular approach uses the strengths and benefits of a full-scale Red Team assessment by picking the most relevant attacks for your organization. The stealth of the Red Team is secondary to obtaining objectives. This, combined with more information about your organization up front, results in an attractive budget while still targeting your employees’ security awareness and your organization’s digital security.

Red Teaming Core

Red Teaming Core is a full-blown attack simulation for medium to large businesses that employ their own Blue Teams. This type will condense extensive threat landscape analysis and reconnaissance into challenging attack scenarios. These scenarios are based on real-world threat actors, and Secura will emulate these groups by using similar Techniques, Tactics, and Procedures (TTP’s) as defined in the MITRE ATT&CK Framework. To stay within an attractive budget, so-called Leg Up’s are discussed up front to make sure the assessment can continue when your defenses in a specific area are already sufficient to delay the Red Team enough.

Red Teaming Pro

The Pro variant of Red Teaming is a step up for organizations with very mature Blue Teams and a high level of cyber resilience. Attacking a mature organization such as yours requires much more effort by the Red Team to, for example, deploy malware that bypasses your EDR solution. Here the Red Team works as a completely independent group, and Leg Up scenarios are only used as a last resort. The Red Teaming Pro is the most realistic simulation of attacks by Advanced Persistent Threats (APTs) against your organization.

Red Teaming in OT

Similar to our Red Teaming Pro service, but specifically focused on generating a low volume and simulated high impact events on your ICS and SCADA control systems. Attackers targeting these environments use different tactics, resulting in a tailor-made process that mitigates any operational environment risks.

Read more about Red Teaming in OT.

TIBER

TIBER stands for Threat Intelligence Based Ethical Red Teaming and is part of the financial sector’s effort to improve cyber resilience under the guidance of the Dutch National Bank. Also, more cyber security frameworks and regulations mention TIBER-like tests for other sectors. Secura will work with you to ensure that your organization will be tested according to the correct requirements.

Secura’s experience in Red Teaming, combined with our capabilities, passion, and TIBER-specific experience, provides our customers with the best possible basis for the clean, solid execution and management of TIBER engagements. Therefore Secura is capable of functioning as Red Teaming Provider (RTP), complying with the requirements for Red Teaming Provider (RTP) in the TIBER-NL guidelines.

Read more about TIBER.

ZORRO

ZORRO stands for "ZOrg Red teaming Resilience Exercises." This framework, developed by Z-CERT, aims to structurally improve the cyber resilience of participating healthcare providers and the healthcare industry in general.

Secura offers a cost-effective testing program that meets the requirements of the ZORRO methodology. To be able and allowed to test under ZORRO, agreements have been made in advance between Secura, Z-CERT and the healthcare organization.

Crisis management

Secura confronts your crisis management team with a challenging but realistic cyber threat incident to test cooperation and coordination. During a one-day tabletop session, your team will be presented with so-called injects, providing a realistic feel in a simulated and controlled environment. Such a tabletop session is beneficial for developing your cyber crisis management skills and preparing the team for other high-impact incidents.

Red Teaming is very different from traditional Pentesting. A Red Team can combine vulnerabilities from different classes of attacks, for example, social engineering and attacks on the external infrastructure, to find otherwise unknown weaknesses. This is contrary to pentests, where the scope is limited to a single network or application.

Red Teaming tests your defenders' capability to detect, respond and mitigate attacks in a realistic setting. It trains them to react during a real attack and shows them where detection capabilities need to be improved.

An attacker uses a vast arsenal of tools to abuse all aspects of your digital security, technology, physical security, and human behavior to access your most important crown jewels. To mimic this type of attack requires a team of experienced hackers and social engineers with the proper knowledge, broad experience, and many specialties. Secura has built this knowledge, experience, and specialties into its team over the past twenty years. Therefore, our multidisciplinary team consists of top specialists with knowledge and experience in the three security domains: technology, physical security, and human behavior.

Our Red Teamers hold relevant certifications such as Certified Red Team Professional (CRTP), Certified Red Team Operator (CRTO), Certified Red Team Expert (CRTE), Master Level Social Engineer (MLSE), and many others.

Secura's experience in red teaming, combined with our capabilities, passion, and industry-specific experience, provides our clients with the best possible foundation for clean, solid execution and management of Red Teaming engagements.

Read More:

• "Secura Selected as Partner in the Province of Gelderland's Cyber Challenge"
• "Amphia Hospital x Red Teaming"