Red Teaming

Attack emulation by certified experts

Identify and eliminate hidden vulnerabilities in your IT security.

Test your defenses and defenders against an emulated APT attacker

In a Red Team deployment, Redlings attempts to model a threat actor. Because Red Team deployments test not only the technology but also the effectiveness of existing processes, often very few people in the organization are aware of a Red Team deployment at any given time.
Because testers try to stay below the security team's radar, red-team deployments typically require more time and effort. Red team deployments require attacks that are tailored for each individual deployment.

Red-Team

A Red Team follows the entire attack lifecycle executed by sophisticated, persistent attackers. In doing so, Redlings receives little or no information at the beginning of the assessment, as a Red Team is meant to emulate a real-world targeted attack. The objectives and framework of such a test are agreed upon in advance between your company and Redlings. An agreed ethical approach should take priority over the effectiveness of attack techniques, but is often in tension with the usual approach of real attackers.

The process of a Red Team

A Red Team assessment begins with the setup of an external command and control (C2) server. From such servers, Redlings will send commands to already compromised systems in your organization. In doing so, the external C2 infrastructure uses network communication protocols that attempt to evade detection by your employees, by your service providers, and by your deployed technology.
We audit externally accessible IT systems for immediate compromise. Due to the widespread use of social engineering methods by modern attackers, Redlings is also likely to use social engineering attacks for initial compromise. This may include email- or phone-based social engineering in particular.
After the initial compromise, Redlings will look for means to escalate user privileges and move around your internal network. One of our goals will likely be to gain domain administrator privileges on your internal network.
Redlings uses domain administrator privileges as needed to achieve the specified objectives for the assessment. All activities described are performed in a manner to minimize detection by Blue team members. We use open source tools, commercial tools, and also in-house development for our Red Team assessments. The toolset and procedures used are typically tailored to the attackers being emulated.
A Red Team Assessment is a service offering for organizations that already have a mature security program and are seeking to test their defenses and incident response procedures against a determined adversary.

Why Redlings?

A Trusted Partner

In-depth threat analysis and consultation

Inclusion of current Cyber Threat Intelligence information

A deep understanding of how hackers work

In accordance with recognized rules of technology (BSI, PTES, PCI DSS, OSSTMM, NIST, OWASP)

Comprehensive post-test support for effective elimination of detected risks


Your Contact

Dr. Ewan Fleischmann

Founder

  • Over 15 years in IT security
  • Consulting for medium-sized businesses, DAX companies and financial institutions.
  • PhD thesis in cryptography with 15+ international publications in IT security.
  • Conference Speaker and Trainer
  • SANS Advisory Board Member
  • 15+ certifications, including CISSP, OSCP, OSCE.


Have we sparked your interest?

Just give us a call or write us a message!

