As attackers become more sophisticated, it is important that organisations assess their capability to resist and respond to cyber-attacks based on an understanding of the key threats they face.
A red team exercise goes further than just identifying gaps in your security practices and controls to prevent an attack; it can also provide valuable insights about your organisation’s capability to identify attacks in progress and remove them from the environment.
Benefits of a red team include:
- Improved readiness of your organisation;
- Better training for defensive practitioners, for example your SOC or blue team; and
- An opportunity to inspect current performance levels.
How we can help
Context can target the full range of an organisation’s digital defences, mimicking the tactics, techniques and procedures deployed by real attackers, and using everything from custom-developed malware to social engineering.
With significant experience in social engineering, malware reverse engineering and targeted attack analysis, we can deliver a variety of attack types based on real world threat scenarios and the knowledge of our threat intelligence experts. Each engagement is fully customised to the client and tailored to the attacks they are likely to face. This also includes smaller scenario-based tests for our clients, which looks at testing specific issues.
After a Red Team engagement, Context will deliver a detailed report showing the attack paths identified during the assessment, the activities undertaken and the ease of exploitation. We will provide mitigation advice where vulnerabilities have been identified and can also provide in-depth post testing support if required to assist you in developing a more robust cyber security strategy.
Blue Team / Purple Team
We can also carry out blue team or purple team exercises where we work alongside your organisation's response capability (SOC or blue team) to test what they can detect and how they respond. We recommend this approach, because the better SOCs can understand what we have done, the better they can defend against it in future.
Context is certified to carry out CBEST and CREST STAR engagements:
CBEST Scheme – The Bank of England’s CBEST scheme is a framework to deliver controlled, bespoke and intelligence-led cyber security tests for financial institutions. These tests are designed to replicate the behaviours of threat actors that have been identified as posing a genuine threat to financial institutions. Context is experienced at performing CBEST engagements, having completed 12 out of the first round of 36 CBEST engagements.
CREST Simulated Target Attack and Response (STAR) – Context is qualified to provide STAR assessments which take threat intelligence information to deliver highly targeted attacks against an organisation to simulate sophisticated threat actors. We have been performing STAR assessment engagements for global clients for many years; we use real-world data about attackers collected through our experience in the field, enabling us to perform focused and realistic exercises.