Red Team Engagements are highly targeted assessments that aim to compromise critical data assets in your network, leveraging the vast scope an external attacker would have. Unlike a traditional penetration test, in which our security engineers attempt to find and exploit any possible vulnerabilities in a defined scope — such as a web application — these engagements simulate a genuine cyber-attack on your organization.
A leader in these sophisticated campaigns, Rhino Security Labs has developed a world-class team of offensive security engineers and researchers.
Red Team Engagements are an effective demonstration of tangible risk posed by an APT (Advanced Persistent Threat). The assessors are instructed to compromise predetermined assets, or “flags,” using means that a malicious actor might utilize in a legitimate attack. These comprehensive, complex security assessments are best suited for companies looking to improve a maturing security organization.
By harnessing this unique combination of attack capabilities, we can determine the process an attacker would follow to compromise your critical business assets. We can discover where vulnerabilities exist in your network, applications, IoT devices, and personnel. We can also determine the effectiveness of your security monitoring and alerting capabilities, as well as weaknesses in your incident response policy and procedures.
The demonstrated impact from the testing paints a much larger picture that will aid your organization in the prioritization and planning of your future security initiatives.
1 – Scope
Penetration testing is normally concerned with which assets to include in scope. However, red team engagements aim to compromise critical business assets, and the scoping process defines areas to exclude from the assessment. This is broken down into a few steps:
Red Team engagements include custom scenarios that simulate real-world tactics an external attacker might use. Download our service brief to understand how a goal-focused approach can reveal deeper security weaknesses.
2 – Information Gathering and Reconnaissance
The initial work done in any black-box assessment is information gathering. It combines a myriad of Open Source Intelligence (OSINT) resources for gathering data on the target organization, and it is critical to the operation. Aggregating both public and private methods of intelligence gathering allows Rhino Security Labs to develop an early structure for a plan of attack. The following are some examples of information we target during reconnaissance:
3 – Mapping and Planning of Attack
After completing all initial information gathering, the process transitions to mapping our strategy and attack methodology. The approach varies widely, depending on our intel from the previous stage and the developed footprint. These steps may include:
4 – Executing Attack and Penetration
The variety of information gathered in the beginning phases lays the foundation for a whole host of attack options across all relevant vectors. These attack options may include the following:
5 – Reporting and Documentation
Reporting is critical to understanding the value you receive from a Red Team engagement. Our reports are the best in the industry. Each is customized to the specific scope of the engagement and outlines any perceived vulnerabilities Rhino Security Labs discovered. The reports are designed to be easily digestible but complete in the findings, giving both the exploitation likelihood and potential impact for each vulnerability. In addition, each vulnerability includes a remediation strategy for mitigating the risk associated with the vulnerability.