Common Ground Part 1: Red Team History & Overview

The Roots

History Lessons

Evolution and formality

So What Is It?

Industry Specific Definitions

Technical Assessment Differentiators

  • Vulnerability Assessment — the intentional discovery and validation of vulnerabilities inside of an environment. Most organizations now have an in-house function for this, and if they don’t, they definitely should.
  • Penetration Testing — the process of testing a system (network, application, host) for the ability to gain access and demonstrate impact. Usually includes some component of a vulnerability discovery phase, but continues to measure the impact of successful exploitation. I see these assessments focused on technical content matter: vulnerabilities, exploits, and data.
  • Social Engineering Assessment — A targeted assessment built to measure the susceptibility of individuals within an organization to coercion from outside entities through social manipulation. This might include cold calling (pretext calling) or spear phishing. This also might be a subset of a larger assessment (penetration testing, physical, red teaming, etc.).
  • Physical Penetration Testing or Physical Security Assessment — A targeted assessment measuring the susceptibility of an organization against a physical penetration or breach. Physical testing objectives might include gaining access to a certain area, bypassing specific controls, or stealing a certain asset. This also might be a subset of a larger assessment.

Network Red Teaming Overview

“Playing Adversary”

Not Just About 1s and 0s

Reality of Red Teams

Problem

  • Limited Scope — A successful engagement relies on a wide and all-encompassing scope that adequately allows the red team to tactically maneuver in an environment just as the adversary would. With that said, there are certain assets that will always be too risky to permit offensive operations against, and will often be removed from the scope. Most organizations are simply not willing to put their existence at risk to measure security.
  • Limited Time — I hear it all the time, “The bad guy has forever to achieve his objective”. While that is true, most organizations will not sponsor their internal team or a consulting team to work an engagement forever; it is simply too costly and limits the training received. The time of an assessment should be enough to allow a tradecraft-conscious operation but also constrained to allow for a definitive end state where the teams can be debriefed. Additionally, not all adversaries have an infinite timeline; they have people breathing down their necks for results too.
  • Limited Audience — A red team should include as many stakeholders and decision-makers as possible. While I wish that every person in a company would stop and play in the engagements I run, this would simply not make business sense. That is part of the facet of a realistic exercise: in many breaches, C-level executives aren’t even paying attention. In a red team, they will often not want to be involved in the test because they are “too busy.” I encourage as much participation as possible throughout leadership but recognize it will not be possible.

Solution — White Card

Wrap Up

Tech: Threat Intel | Photographer @ https://www.justinwarnerphoto.com

Justin Warner
