Test your defenses against an emulated APT attacker

During a Red Team assessment, Redlings models an advanced threat actor. Because Red Team assignments assess both the technology and the effectiveness of existing processes, often only very few people in the organization are aware of the ongoing Red Team at any given point in time.
Because the testers try to stay below the security team's radar, Red Team assignments typically require more time and effort. They also require tailored attacks.

Red Team

A Red Team follows the entire attack lifecycle carried out by sophisticated, persistent attackers. Redlings receives little or no information at the beginning of the assessment, as a Red Team is supposed to emulate a real, targeted attack. The goals and framework conditions of such a test are agreed in advance between your company and Redlings. A coordinated, ethical approach should take priority over the effectiveness of attack techniques, but it is often in tension with the methods used by real attackers.

Red Team Process

A Red Team assessment begins with establishing an external command and control server (Command & Control, C2). From such servers, Redlings will send commands to already compromised systems in your company. The external C2 infrastructure uses network communication protocols that try to evade detection by your employees, your service provider, and the technology you use.
First, we check externally accessible IT systems for immediate compromise. Because modern attackers make widespread use of social engineering, Redlings will probably also resort to social engineering attacks for the initial compromise, as long as this is within the agreed rules of engagement. This may include, in particular, email or telephone-based social engineering.
After the initial compromise, Redlings looks for ways to escalate user permissions and move around your internal network. One of our goals will likely be to gain domain administrator rights on your internal network.
If necessary, Redlings uses the domain administrator rights to achieve the defined goals for the assessment. All activities described are carried out in a manner that minimizes detection by employees of the Blue Team. We use open-source tools, commercial tools, and in-house developments for our Red Team assessments. The toolset and the procedures are usually tailored to the attacker to be emulated.
A Red Team assessment is a service offering for companies that already have a mature security program in place and want to test their defense and incident response procedures against a determined adversary.

Have we sparked your interest?

Just give us a call or write us a message!
