Red Teaming exercises | Reliance acsn

Phases of our Red Teaming process

Threat intelligence gathering and assessment. The process begins with a comprehensive external investigation. The Red Team use a combination of open source, proprietary and dark web data to create a profile of the organisation, emulating the typical pre-attack phase of a sophisticated attacker.
Confirmation of attack approach and target objectives. To ensure that the exercise is realistic, we collaborate with the client to set up a “White Team” who will referee the test and manage communication between the teams. Before the exercise begins, we agree objectives with the White Team to ensure that the test is fair.
“Actions on.” The exercise itself commences and Reliance acsn experts attempt to meet the objectives agreed in step two using a combination of physical, technical and social engineering methods. We begin with simpler approaches and then become more sophisticated to identify the precise level of security that the current system provides.
Reporting. We relay our findings in two distinct reports. The first is a board-focused report which sets out the test’s objectives and results in terms of business risks and impacts. This report is also appropriate for sharing with regulators. The second report is a technical breakdown of the events of the exercise which includes all of the threat intelligence and actions taken.
Purple teaming. As an optional final step, our experts can collaborate with the client’s Blue Team to demonstrate the techniques that were used to breach the organisation. This enables them to further refine their detection capabilities.

Threat, Intelligence and Vulnerability Management – Red Team

Phases of our Red Teaming process