Red Teaming/Purple Teaming Tests
These in-depth tests are inspired by military drills and are the most advanced type of testing available. They examine the entire security profile of your organization – on a technical, physical and organizational level.
Tests in Red Teaming / Purple Teaming model are carried out based on your individual needs. Unlike penetration tests that seek to find vulnerabilities in your system, the purpose of tests is to comprehensively verify the maturity of your organization in data security.
Our team of experts (Red Team) will mimic techniques used frequently by cybercriminals to access your systems – like databases or secure physical locations.
Conversely, the Blue Team will effectively defend your organization from attacks by analysing information systems to ensure security. Tests are completed either in isolation from your security staff (so-called Red Teaming) or in close cooperation with them (so-called Purple Teaming) to maximize the effects.
As part of the tests, we can perform an Open-Source Intelligence (OSINT) campaign to collect important insight about the company and its employees based on publicly available tools and data. We test the awareness of your staff with various types of social and technical attacks – as well as the quality of physical security, especially access control.
The tests may also include the evaluation of security mechanisms operating on workstations (anti-malware or EDR solutions) as well as network solutions (IDS/IPS, firewalls etc.). The Active Directory domain can be verified for a possible escalation of privileges from a domain user to its administrator. Also in terms of keeping by the attacker access to it.
Red Teaming/Purple Teaming tests benefits:
The most comprehensive review of security mechanisms
An assessment of organisation’s resistance to various types of attacks
Practical tests designed to uncover the most pressing threats
They lead to improve security procedures and policies