The endangerment on companies and institutions due to targeted attacks is steadily increasing. With such an attack on your company network, we simulate an Advanced Persistent Threat, thus checking your IT security measures.
For this purpose, the red team (the attackers) does not receive any other information than the company name. Therefore, it performs an attack as a black box test from an external viewpoint.
In doing so, three key aspects of corporate security are considered:
A red teaming test is comparable to a firefighting exercise. The read team sets fire so you can check whether you are able to react appropriately in an emergency and therefore put out the fire.
Red teaming offers various findings for different corporate departments. A red teaming assessment will answer the following questions:
Akgül Özcelik will glady arrange an appointment for you
with one of our sales consultants
anfrage(at)syss.de
+49 (0)7071 - 40 78 56-6217
Red teaming projects are carried out for several months and usually run through the following project phases:
A red teaming assessment usually also includes social engineering attack vectors. In most cases, these are difficult to implement due to internal guidelines and the corporate structure. For this reason, SySS GmbH offers the possibility of performing a solely technical red teaming assessment.
During a red teaming assessment, different techniques are used which are also applied in typical penetration tests. Additionally, new modules are added. Some of these modules can be viewed in a separate assessment, detached from the red teaming context. They provide insight into technical security, the implementation of your processes, as well as the awareness of your employees.
Often, a few access data can be sufficient for an attacker to invade the corporate network. Apart from technical measures, the employees’ security awareness presents the most efficient protection. In order to evaluate the awareness of your employees and train them accordingly, SySS GmbH offers a custom-fit simulation of a phishing attack for your company, as well as a follow-up analysis. You have the possibility to choose from a range of precast scenarios or propose one yourself.
Exemplary scenarios:
In case it is required, all phishing websites are individually customized to the corporate design of the customer. We offer phishing campaigns on different levels. Mail and website can contain either multiple or no typical distinctive features.
SySS GmbH offers three different phishing campaigns:
Moreover, we offer targeted training for the used attack vectors. Those can be performed upon request as online training or on-site presentation.
The following results are to be expected from a phishing assessment:
A physical assessment contains the examination of your company site’s physical security. During such a test, SySS GmbH tries to gain access to internal premises by exploiting weaknesses concerning the access control, processes and the employees’ awareness.
Possible goals:
The goal hereby is to use as little social engineering as possible. If necessary, the intensity of the respective attack method will be increased. As is the case with all projects including social engineering, the SySS social engineering ethics guide the procedure (cf. SySS White Paper, p. 81).
The following results are to be expected from a physical assessment:
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
GET IN TOUCH
+49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours
+49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number