Red Team - All Systems
"Gap Testing"
The ETS, Inc. Red Team experts review your process and previous penetration results and executes a targeted penetration test of your organization across multiple possible areas, to determine the extent of how an advanced, well-planned attack from a determined, real-world adversary would disrupt your operations.
A red team can go beyond a penetration test to identify potentially damaging ‘cracks’ that could be exploited. Advanced, well-planned attacks are likely to be a blend of cyber, physical and social engineering attacks. Determining the potential damage for these should they succeed, can identify the remediation required, as well as provide further measurement on the effectiveness of your security investments.
The difference between a Red Team and a Penetration Test is usually a combination of scope and duration.
WHY?
Our Red Team - All Systems will include tests across technologies, people, processes and physical locations.
HOW?
Our Red Team experts will work with you to determine the scope and targets for the test. Testing usually covers a combination of:
Cyber: Your organization’s IT/digital assets. Cyber security is the practice of protecting these and is critical to the success of any business.
Physical: Your organization’s physical security and locations where you conduct business.
Social: Your organization’s people. Manipulation tactics are often used to gain information or access, such as a phishing simulation. This social engineering assessment will prevent the exploitation of your unsuspecting employees and internal team members. Tests are conducted using a combination of manual and automated approaches, depending on the types of assets being targeted. A pre-assessment can help to ensure clients get what they need and sometimes leads to a re-focus of testing based on the findings.
At the conclusion of the test our team will provide both an executive summary and a detailed technical report. All vulnerabilities which have been identified and exploited will be included, with full remediation details. Systemic issues will be called out and recommendations made. Where existing controls can be used to remediate a problem, this will be provided also.