Cyber Security
Red teaming
Red Teaming means that we hack our way into your network, aiming to work with your Blue Team to learn and adapt to the latest hacking techniques. How well do your defences against targeted attacks work?
Cyber Security
Red teaming
Why is it necessary
The Connection Between Red Teaming And DORA
The new Digital Operational Resilience Act, or DORA for short, will require financial institutions in the EU to make concrete steps to improve operational cybersecurity. One requirement is called Thread-Led Penetration Testing (TLPT), also known as Red Teaming.
What is
Red teaming
Our Red Team hacks your network while trying to stay undetected by your Blue Team. The Blue Team can be your internal, or external security response team or security operations center (SOC).
The goal of Red Teaming is to improve your Blue Team’s capabilities. A closing session with your SOC/Blue Team is always included, where the Blue Team learns where opportunities exist to improve detection and response.
Different from
Pen testing
Red Teaming can be seen as a form of Penetration Testing, but it is different in several important ways.
First of all, the goal is different. A pentest aims to find as many vulnerabilities as possible in the shortest reasonable timeframe. Red Teaming projects aim to measure and improve Blue Team capabilities. Like a real attacker, a Red Team has to try to avoid easy detection.
Also, Red Teaming is often based on threat intel, i.e., follows methods known to be commonly used by threat actors.
So, while the techniques used are often similar, Red Teaming and Penetration Testing have different goals and a different approach.