Deep security expertise, we understand attackers and how defend against them
Risk-based objective evaluation of your controls, procedures and goals
Develop actionable insight and plans to guide your business
Red Team Attack Simulation
Our Red Team Attack Simulation service is an adversarial-based simulation against people, software, hardware and facilities. With the objective of presenting a realistic simulation of an advanced persistent threat against your organisation and identifying gaps in security practices and controls. This type of attack simulation is carried out by highly trained security consultants with the goals of identifying physical, hardware, software and human vulnerabilities; obtaining a realistic understanding of the level of effort to compromise your sensitive data; help address and fix all identified security weaknesses.
Business Value
- Get experience dealing with a real-world breach attempt
- Determine the level of effort required to compromise your sensitive data
- Improve your time to respond to events and incidents
- Assess your security posture against a realistic attack
- Identify and mitigate complex security vulnerabilities before an attacker exploits them
Our Approach
Our Red Team Attack Simulation is a bespoke service. Our methodology is performed by our highly trained security consultants and customised for each organisation. We leverage our proprietary tactics, research and intelligence to design blended attacks that combine various techniques to avoid detection and prevention including passive physical and network reconnaissance, phishing, vishing, wireless open source intelligence (OSINIT) and active physical reconnaissance (drones, on-site covert observation). We utilise commercial tools, internally developed tools and the same tools used by bad actors on each and every assessment.This allows our clients to improve their detection and defensive capabilities.
We are focused on real-world business impacting attack goals that resonate with client management and executives. We will work with you to establish testing objectives on the same systems and data that advanced threat actors target.
We consider the reporting phase of a Red Team Attack Simulation as one of the most important. Firstly, we provide a written report that provides an executive summary, scope, findings, evidence risk rating and methodology and approach. We review the report during a stakeholder meeting that is typically done in person or virtually. During this meeting our consultants will walk your through the report, in detail to ensure all findings are thoroughly understood and that a remediation roadmap is understood.