plain enumeration of potential security weaknesses : proper penetration testing engagement , applied to an external perimeter , corporate network or both , would show how a malefactor would behave if targeted to compromise a company ’ s IT infrastructure .
Methodology-wise , pentest is mostly a manual service that relies more on the knowledge and experience of the expert team performing it rather than on tooling and automation . Considering the above , you should plan the project accordingly : typical engagement might take you everywhere from 30 to 60 business days for the practical part and reporting . And since reporting is the key deliverable of the whole exercise , when choosing a service provider , pay close attention to what would be included in your report . Most established vendors would have a sample report that you could request to evaluate whether the final product would match your expectations .
Finally , a red teaming service is focused on the assessment of a company ’ s
The key steps to fulfilling your own expectations from any kind of security assessment service are : taking the time to formulate your needs and ensuring that the vendor understands how to satisfy them with their offering .
operational security capabilities via conducting a sophisticated attack simulation exercise and evaluating detection and response reaction of defending SOC specialists ( blue team ). Though it may look similar to penetration testing , there are significant differences behind testing security operations ( OpSec ) and looking for attack vectors .
The methodology and scope of each red teaming exercise are heavily dictated by threat intelligence ( TI ) gathered prior to the engagement . During penetration testing , a service provider is trying each and every attack vector that would aid in breaching IT infrastructure security . During red teaming , the customer and service provider develop a set of goals together , to be reached via a corresponding set of attack scenarios . These would be the most relevant for the company based on the results of a deep threat intelligence research . In most cases the scope would not be limited by any particular IP addresses or domains , instead covering the whole organisation , including people and processes . These kinds of exercises also last longer than any others , half a year or even longer , due to the need to simulate lowprofile behaviour of a real attacker .
So now when you ’ ve seen all the typical propositions and weighed up your real needs , ask yourself one more question before starting the hunt for the top red teaming service provider : “ how did my SOC perform the last time we ordered a proper pentest ?” If your answer is akin to : “ oh , well now I ’ m unsure if we ’ ve ever conducted one ” or “ actually we don ’ t have a dedicated security operations team right now ”, then you probably won ’ t get the bang for your buck that a red teaming engagement would cost and you may get better value from hiring an expert penetration testing team . Just remember to ask them to keep a timestamped track of all the indicators of attack and compromise . If , on the other hand , your answer would include such cryptic terms as , “ threat hunting ”, “ MTTD ”, “ MTTR ” or similar – then chances are you ’ re good to go for a red teaming adventure . •