Our Red Team Attack Simulation is a bespoke service. Our methodology is performed by our highly trained security consultants and customised for each organisation. We leverage our proprietary tactics, research and intelligence to design blended attacks that combine various techniques to avoid detection and prevention including passive physical and network reconnaissance, phishing, vishing, wireless open source intelligence (OSINIT) and active physical reconnaissance (drones, on-site covert observation). We utilise commercial tools, internally developed tools and the same tools used by bad actors on each and every assessment.This allows our clients to improve their detection and defensive capabilities.
We are focused on real-world business impacting attack goals that resonate with client management and executives. We will work with you to establish testing objectives on the same systems and data that advanced threat actors target.
We consider the reporting phase of a Red Team Attack Simulation as one of the most important. Firstly, we provide a written report that provides an executive summary, scope, findings, evidence risk rating and methodology and approach. We review the report during a stakeholder meeting that is typically done in person or virtually. During this meeting our consultants will walk your through the report, in detail to ensure all findings are thoroughly understood and that a remediation roadmap is understood.