Red Teaming

Simulating APT – Improving Resistance

The endangerment on companies and institutions due to purposeful attacks is steadily increasing. With such an attack on your company network, we simulate an Advanced Persistent Threat, thus checking your IT security measures.

For this purpose, the Red Team (the attackers) does not receive any other information than the company name. Therefore, it performs an attack as a black box test from an external viewpoint.

In doing so, three key aspects of corporate security are considered:

  • System security
  • Processes
  • Know-how and raising awareness of the employees

A Red Teaming test is comparable to a firefighting exercise. The Read Team sets fire so you can check whether you are able to react appropriately in an emergency and therefore put out the fire.

Gain of knowledge

Red Teaming offers various findings for different corporate departments. A Red Teaming assessment will answer the following questions:

  • CSIR: Do we recognize purposeful attacks and are we able to repel them?
  • Corporate management: Is an attacker able to undertake the company IT within x days?
  • Compliance/revision: Are required procedures available and are they being maintained?
  • Training instructors: Are further awareness measures required?

(copy 1)

For detailed project advice

Bettina Hügel will gladly arrange an appointment for you 
with one of our sales consultants
anfrage(at)syss.de 
+49 (0)7071 - 40 78 56-6176

Test design

  • Kick off-workshop
  • Digital public footprint
  • Information gathering
  • Persistence in the corporate network
  • Social engineering
  • Compromising systems and services
  • Privilege escalation
  • Actions on objective
  • Triggering protective systems and processes
  • Rectification of the Advanced Persistent Threat simulation
  • Documentation

Red Teaming without Social Engineering

A Red Teaming assessment usually also includes social engineering attack vectors. In most cases, these are difficult to implement due to internal guidelines and the corporate structure. For this reason, SySS GmbH offers the possibility of performing a solely technical Red Teaming assessment.