Contact Securance
Feel free to reach out to us with any questions you might have.
Plan a Meeting
Schedule a free consultation meeting with the link below.
Why is it necessary
The Connection Between Red Teaming And DORA
The new Digital Operational Resilience Act, or DORA for short, will require financial institutions in the EU to make concrete steps to improve operational cybersecurity. One requirement is called Threat-Led Penetration Testing (TLPT), also known as Red Teaming.
What is Red teaming
Our Red Team hacks your network while trying to stay undetected by your Blue Team. The Blue Team can be your internal, or external security response team or security operations center (SOC).
The goal of Red Teaming is to improve your Blue Team’s capabilities. A closing session with your SOC/Blue Team is always included, where the Blue Team learns where opportunities exist to improve detection and response.
Different from Pen testing
Red Teaming can be seen as a form of Penetration Testing, but it is different in several important ways.
First of all, the goal is different. A pentest aims to find as many vulnerabilities as possible in the shortest reasonable timeframe. Red Teaming projects aim to measure and improve Blue Team capabilities. Like a real attacker, a Red Team has to try to avoid easy detection.
Also, Red Teaming is often based on threat intel, i.e., follows methods known to be commonly used by threat actors.
So, while the techniques used are often similar, Red Teaming and Penetration Testing have different goals and a different approach.
Contact Securance
Feel free to reach out to us with any questions you might have.