Red Team Operations


What is a Red Team?

Red Teams are independent organizations tasked with testing the security policies, techniques and procedures in use for defense of assets protected by an organization. Initially, Red Teams evolved from military organizations in order to demonstrate, and subsequently mitigate, the weaknesses in military security or planning. According to the United States Army, "red teaming" is defined as a “structured, iterative process executed by trained, educated and practiced team members that provides commanders an independent capability to continuously challenge plans, operations, concepts, organizations and capabilities in the context of the operational environment and from our partners' and adversaries' perspectives.”

Who needs the services of a Red Team?

Many governmental or large corporate organizations maintain their own Red Teams in order to constantly test the security measures in place for those organizations. Maintaining such a full-time team, with the skills, equipment, and training necessary to stay "up to date", can be a costly endeavor, which, depending on the size of an organization, may not be worth pursuing. However, that doesn't mean you can't contract the services of a separate entity on a periodic basis.

What would VIATOR Solutions' Red Team Operations do for us?

If contracted, our Red Team would first negotiate specific rules of engagement and gather objective data, determining what, exactly, would constitute a successful Red Team operation. In some cases, this might be the physical infiltration of an organization's facility, or obtaining access authorization in a non-standard manner. After determining what the target goal would be, and what the behavioral bounds of such an operation would be, our Red Team would perform a complete assessment of the security measures protecting the given assets. After the assessment, we would work to determine multiple plans of attack, revising our plans after each iteration of analysis. Finally, we would attempt to execute that attack, changing specific tactics as conditions on the ground might dictate.

After the execution phase, we would document every step of our attack, with measurable examples of success or failure, and then summarize and prioritize remediation steps that we would suggest your organization should take in order to prevent an actual attacker from using similar strategies to gain unauthorized access to your internal assets.

Three Vectors of Attack

In the course of developing our plan of action, we would be utilizing three potential vectors of attack: physical security attacks, digital security attacks, and social engineering attacks. Our ultimate goal is to provide your organization valuable insight into what your adversaries might be willing to try in order to violate your security. We serve as an "adversary simulator", trained to observe and react to the security policies and procedures you have in place, with a focus on helping you discover what your security personnel may have missed.



'A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network.' - James Scott