3. Red Teaming

Red Teaming: Targeted attacks to assess the security of your company

Simulating APT – Improving Resistance

The endangerment on companies and institutions due to targeted attacks is steadily increasing. With such an attack on your company network, we simulate an Advanced Persistent Threat, thus checking your IT security measures. For this purpose, the red team (the attackers) does not receive any other information than the company name. Therefore, it performs an attack as a black box test from an external viewpoint.

In doing so, three key aspects of corporate security are considered:

  • System security
  • Processes
  • Know-how and raising awareness of the employees

A red teaming test is comparable to a firefighting exercise. The red team sets fire so you can check whether you are able to react appropriately in an emergency and therefore put out the fire.

Knowledge gain

Red teaming offers various findings for different corporate departments. A red teaming assessment will answer the following questions:

  • CSIR: Do we recognize targeted attacks and are we able to repel them?
  • Corporate management: Is an attacker able to undertake the company IT within x days?
  • Compliance/revision: Are required procedures available and are they being maintained?
  • Training instructors: Are further awareness measures required?

Test design

Red team projects are carried out for several months and usually run through the following project phases:

  • Kick-off workshop
  • Digital public footprint
  • Information gathering
  • Persistence in the corporate network
  • Social engineering
  • Compromising systems and services
  • Privilege escalation
  • Actions on objective
  • Triggering protective systems and processes
  • Rectification of the Advanced Persistent Threat simulation
  • Documentation

Red Teaming without Social Engineering

A red teaming assessment usually also includes social engineering attack vectors. In most cases, these are difficult to implement due to internal guidelines and the corporate structure. For this reason, SySS offers the possibility of performing a solely technical red teaming assessment.

 

Your contact person for red teaming

Steffen Stepper
steffen.stepper(at)syss.de
redteam(at)syss.de
+49 (0)7071 - 40 78 56-6157
PGP Key

A portrait of SySS Managing Director Sebastian Schreiber

You are interested in red teaming?

We will ensure that you are being taken care of.
Gizem Düzgün will gladly arrange an appointment for you with one of our sales consultants.

A portrait of your contact person Gizem Düzgün

 

Gizem Düzgün 
+49 (0)7071 - 40 78 56-6237
anfrage(at)syss.de 

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

GET IN TOUCH

+49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours

+49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number