RED Team Deepdive

The Red Team focuses on vulnerability assessments, social engineering and physical security. Penetration tests, extended social engineering campaigns (such as "spear phishing") and Red Team simulations are carried out on a regular basis. A realistic threat model is created using specifically developed attack scenarios in order to uncover vulnerabilities and thus create transparency in our customers' IT environments.

Modules

in

Supply chain security monitoring

The Darknet is continuously searched for sensitive company data and supplier information.

  • Continuous monitoring for new mentions on the Darknet
  • Searching the darknet for company-specific data
  • Possibility to react quickly to potential attacks and defend against them


in

OSINT - Darknet Snapshot

Open Source Intelligence (OSINT): one-time collection, investigation and analysis of freely available information about the company, evaluated for use in further attack scenarios.

  • Critical information
  • Searching the darknet for company-specific data
  • Search for internal company documents

in

External audit

Simulates an attacker from the Internet.

  • Checking the IT infrastructure accessible via the Internet (e.g.: mail, FTP and VPN servers, web applications)
  • Without social engineering

in

Application Audit

Cloud/web/mobile/client check

  • Security of the application logic and possibly the underlying server/OS infrastructure
  • Audit in accordance with relevant standards and norms (e.g.: OWASP API Security Top 10, OWASP Top 10, OWASP Mobile Security)
  • Incl. source code analysis as required

in

Social engineering

Checking the IT security awareness of employees

On site:

  • Physical intrusion (overcoming the perimeter)
  • Searching the internal area for further information
  • Actively influencing employees
  • USB dropping

Remote:

  • Simulation of wide-ranging and targeted phishing campaigns
  • Vishing/smishing attacks

in

Awareness training

Training on the identification and correct handling of realistic attack methods

  • Concrete threats explained in a practical way
  • Practical procedures


through-out

Internal audit

Simulates an attacker who could gain access to the internal network.

  • Checking the internal network (Active Directory, file shares, applications, ...)

through-out

OT Audit

Review of network compartmentalization, company-wide with a focus on access to the production environment

  • Evaluation of the security of the production environment based on relevant standards and norms
  • Audit of SCADA and control technology networks (OT)
  • Review of access control/remote maintenance
we transform for the better

Audit vs. red teaming

Audit

  • Teamwork creates efficiency: Disable Workstation AV, Local Admin Access
  • Identify and structure vulnerabilities from high to low impact
  • Result: Identification of as many relevant vulnerabilities as possible, recording in a report

RED teaming

  • Dedicated targets (mail access, merchandise management system, ...)
  • Identification of errors in the IT security process (detection, reaction, ...)
  • Result: Timeline with replay workshop, process improvement, identified vulnerabilities are secondary

RED teaming

IN, THROUGH, OUT

Based on TIBER-EU (European Framework for Threat Intelligence-Based Ethical Red-Teaming)

  • Only the targets to be achieved are defined
  • The attacker is free to decide when and how to try to achieve them

Unified Kill Chain

Red Team - Breaching

IN

Simulation of an attacker without restrictions trying to gain access to the internal network

  • Verification of the complete external perimeter (systems, personnel, ...)
  • Coverage of various realistic attack scenarios

Red Team - Assumed Breach

THROUGH, OUT

Simulation of an unrestricted attacker attempting to spread through the internal network to achieve specific goals

  • Checking the internal attack vector including the defense mechanisms and IT security processes
  • Coverage of various realistic attack scenarios

Test-Your-SOC

THROUGH, OUT

Checking how far an attacker can penetrate the company without being detected by the Security Operations Center (SOC)

  • Tests are divided into different phases in order to recognize the reaction time of the SOC

Purple Teaming

THROUGH, OUT

In collaboration with the SOC team, defined targets are worked towards in order to simulate various attacks

  • Indicators of Compromise (IoCs) are generated for the SOC team through the replay workshop
  • The IoCs can be used to establish rules so that attacks can be detected more quickly in future

Clear & understandable

We understand that reports are an essential part of our service delivery. Our reports are therefore essentially divided into two sections: the "executive summary" for management and the "detailed findings" for the technical team. Of course, we not only provide you with the findings themselves, but also an assessment of the weakness and a recommendation on how you can rectify it.

Qualified test center within the meaning of the NISG

Fulfillment of necessary requirements, which are also validated accordingly by the BMI

  • Experienced auditors
  • Security-cleared auditors within the meaning of the Security Police Act (§ 55a para. 2 SPG)
  • Taking own security precautions (e.g. ISO27001 certification)
  • Use of suitable hacker tools
  • Application of a suitable testing process
  • Appointment by decision
  • Companies with a head office and registered office in Austria

Tried and tested
