The end goal of penetration testing and red teaming is the same, to identify vulnerabilities that could leave your organisation open to attack, but the methodology is very different. So what exactly does a red team engagement involve?
Red teaming is, simply put, the use of realistic attacker tactics that replicate a targeted threat. This can include deployment of bespoke Trojans and physical testing of defences - such as targeting staff directly in order to gain entry to a building or network perhaps through the use of spear phishing techniques - to reveal just how effective that organisation's defences are against real world attack.
In this white paper, find out:
- What is red teaming (also known as simulated targeted attacks) and how it differs to pen testing
- Steps taken in a red team engagement
- How to measure the business benefits of a red team exercise