Strengthen your blue team against today's threats with a red team exercise from QinetiQ
How resilient are you?
The main aim of any red team security exercise is to quickly help the client become more resilient by exercising and strengthening their blue (defensive) teams. Red teaming on a frequent basis can significantly increase your resilience and reduce the impacts of a real breach, though significant improvements can be made from the very first engagement.
What is a red teaming exercise?
A red team exercise is one of the most advanced security assessments an organisation can undertake, accurately simulating the latest targeted attack types and methods used by real world adversaries, across different threat levels providing evidence based results. Our world class advanced red team exercises include simulating the latest online attacks, phishing, exfiltration of sensitive company data (as agreed) to onsite physical breaches using social engineering, tail-gating, lock-picking and cloning RFID passes, etc. All of these exercises allow us to evidence your current business critical risk to enable swift improvements, increasing resilience and providing a much higher level of assurance.
Specialist advanced red team exercise types:
Full Spectrum Red Team Exercise (Advanced Intrusion Exercise - AIE)
Pro-actively examining the real-world threat posed by targeted attackers by combining social engineering, physical breach and traditional cyber-attack methodologies, the AIE provides the most comprehensive practical exploration of breach simulation. Performed by highly qualified and trusted security specialists, the AIE can safely emulate nearly any potential threat actor from insider threats to nation state level, dependent on the client needs or business type.
Multi Scenario Advanced Attack Simulation (MSAAS)
Popular with FTSE250 organisations, this exercise is delivered over a longer period of time (e.g. 6-9 months) allowing a more stealth based, APT approach mimicking real world adversaries as closely as possible compared to more traditional and common time bound exercises. We design and execute multiple attack scenarios, supported by an open source intelligence gathering exercise tailored to an organisation, while emulating the capabilities and latest techniques of threat actors. The MSAAS service provides an organisation the opportunity to evaluate its realistic ability to defend against real world threats.
Red Team Cyber Attack Simulation
As cyber or remote attacks continue to grow as a highly likely and common attack path, accelerated further throughout COVID19, we safely emulate the cyber only elements of a targeted attack, network implants, spear-phishing, and Internet based attacks can be the starting point, with the goal being lateral movement through the network towards key assets, and ultimately exfiltration. Examining the effectiveness of security controls, accuracy of alerting, and efficacy of incident response playbooks.
The best time to test a Blue Team and an organisation’s resilience is before it is attacked. Our Purple Team exercise is designed to team up our Red Team specialists with your Blue Team defenders to identify tools, signatures and techniques used by threat actors before they become a problem.
Benefits of Red Teaming
- Emulates real world threat actors and vectors in controlled environments
- Assess the effectiveness of physical controls and human practices
- Provides real, actionable intelligence against security posture
- Exercise SOC capabilities in real time with attack methodologies
- Engagement run over extended period, mimicking a true threat actor
- Highly-experienced, SC and DV-cleared CHECK specialists
- Uses network implants, spear- phishing and OSINT helping to understand online threat footprint and current risk. • Tests obtaining a foothold on internal and external networks
What sets up apart?
With our rich heritage, deep expertise and specialised experience protecting UK sovereignty, we can bring this expert level of visibility and knowledge to our commercial clients both from a risk perspective and by simulating the latest advanced threats and likely attack paths applicable to an organisation in a particular sector.
This knowledge is also supplemented by our own threat intelligence, SOC/protective monitoring (hyperlink) and advanced threat hunting teams, again meaning that our clients gain optimal value from their investment when utilising our security testing services.Our SHC team maintain the highest levels of certifications - CHECK, CREST and Tigerscheme and were integral to the very formation of the CHECK scheme, originally under CESG (part of GCHQ) as well as a founding member of CREST.