RED team

contact our experts nowcontact our experts now

The Red Team focuses on vulnerability assessments, social engineering and physical security. Penetration tests, extended social engineering campaigns (such as "spear phishing") and Red Team simulations are carried out on a regular basis. A realistic threat model is created using specifically developed attack scenarios in order to uncover vulnerabilities and thus create transparency in our customers' IT environments.

Modules

Graphic representation of a green circle against a black background, symbolizing safety strategies in the context of Red Team simulations.

Supply chain security monitoring

The Darknet is continuously searched for sensitive company data and supplier information.

Continuous monitoring for new mentions on the Darknet
Searching the darknet for company-specific data
Possibility to react quickly to potential attacks and defend against them

OSINT - Darknet Snapshot

Open Source Intelligence, one-time collection, investigation and analysis of freely available information about the company and evaluation for further attack scenarios.

Critical information
Searching the darknet for company-specific data
Search for internal company documents

External audit

Simulates an attacker from the Internet.

Checking the IT infrastructure accessible via the Internet (e.g. mail, FTP and VPN servers, web applications)
Without social engineering

Application Audit

Cloud/web/mobile/client check

Security of the application logic and possibly the underlying server/OS infrastructure
Audit in accordance with relevant standards and norms (e.g.: OWASP API Security Top 10, OWASP Top 10, OWASP Mobile Security)
Incl. source code analysis as required

Graphic representation of a green circle on a black background, symbolizing safety strategies in the context of Red Team simulations.

Social engineering

Checking the IT security awareness of employees
On site:

Physical intrusion (overcoming the perimeter)
Searching the internal area for further information
Actively influencing employees
USB dropping

Remote:

Simulation of wide-ranging and targeted phishing campaigns
Vishing/smishing attacks

Awareness training

Training on the identification and correct handling of realistic attack methods

Concrete threats explained in a practical way
Practical procedures

Graphic representation of a colourful line with text elements symbolizing various aspects of IT security strategies.

Internal audit

Simulates an attacker who could gain access to the internal network.

Checking the internal network (Active Directory, file shares, applications,...)

Graphic representation of a colorful line with text elements symbolizing safety strategies in the context of Red Team simulations.

OT Audit

Review of network compartmentalization, company-wide with a focus on access to the production environment

Evaluation of the security of the production environment based on relevant standards and norms
Audit of SCADA and control technology networks (OT)
Review of access control/remote maintenance

we transform for the better

Audit vs. red teaming

Audit

Teamwork creates efficiency: Disable Workstation AV, Local Admin Access
Identify and structure vulnerabilities from high to low impact
Result: Identification of as many relevant vulnerabilities as possible, recording in a report

Request now

RED teaming

Dedicated targets (mail access, merchandise management system, ...)
Identification of errors in the IT security process (detection, reaction, ...)
Result: Timeline with replay workshop, process improvement, identified vulnerabilities are secondary

Request now

RED teaming

IN, THROUGH, OUT
// we transform for the better

Based on TIBER-EU (European Framework for Threat Intelligence-Based Ethical Red-Teaming)
- Only the targets to be achieved are defined
- The attacker is free to decide when and how to try to achieve them

Unified Kill Chain

Red Team - Breaching

Simulation of an attacker without restrictions trying to gain access to the internal network

Verification of the complete external perimeter (systems, personnel, ...)
Coverage of various realistic attack scenarios

Red Team - Assumed Breach

TROUGH, OUT

Simulation of an unrestricted attacker attempting to spread through the internal network to achieve specific goals

Checking the internal attack vector including the defense mechanisms and IT security processes
Coverage of various realistic attack scenarios

Test -Your -SOC

TROUGH, OUT

Checking how far an attacker can penetrate the company without being detected by the Security Operations Center (SOC)

Tests are divided into different phases in order to recognize the reaction time of the SOC

Purple Teaming

TROUGH, OUT

In collaboration with the SOC team, defined targets are worked towards in order to simulate various attacks

Indicators of Compromises (IoCs) are generated for the SOC team through the replay workshop
The IoCs can be used to establish rules so that attacks can be detected more quickly in future

we transform for the better

Clear & understandable

We understand that reports are an essential part of our service delivery. Our reports are therefore essentially divided into two sections: the "executive summary" for management and the "detailed findings" for the technical team. Of course, we not only provide you with the findings themselves, but also an assessment of the weakness and a recommendation on how you can rectify it.

Qualified test center within the meaning of the NISG

Fulfillment of necessary requirements, which are also validated accordingly by the BMI

Experienced auditors
Security-cleared auditors within the meaning of the Security Police Act (§ 55a para. 2 SPG)
Taking own security precautions (e.g. ISO27001 certification)
Use of suitable hacker tools
Application of a suitable testing process
Appointment by decision
Companies with a head office and registered office in Austria