
RED TEAM


A security red-team is a test that aims to assess the security level of an organization, identify the main weaknesses in its security posture, provide insights about the organization’s resilience level, and reveal how prepared it is to withstand a real-life attack.

The way to provide such an assessment is by simulating a real cyber-attack. The standard process of a security red-team involves the following stages:

  • Planning – Working with the client to define the scope, timeline, objectives, rules of engagement, etc.

  • Information Gathering – This stage may also be called threat intelligence or reconnaissance. This is the stage where the team collects information about the potential attack surface and builds an attack plan.

  • Initial Penetration – Finding the first point of access, which may be an external-facing server, a user endpoint or any other endpoint in the organization's network.

  • Establishing Control – Usually involves elevation of privileges and establishing some method of remote control (reverse shell, web shell, RDP access, etc.).

  • Lateral Movement and Trophy Hunt – Once the team has established some type of control over internal resources in the network, it is time to move forward and access the most valuable assets of the organization (e.g. access the payment system and prove you can make a transaction). These trophies are defined together with the customer at the planning stage.