There are many misconceptions about what effective red team exercises entail. Overall, a Red Team Exercise should involve live testing of an environment to identify potential gaps in security controls. Instead of simply testing an isolated system or identifying patch deficiencies, the engagement should be a true test of the organization’s entire control set.
When scoping a Red Team Exercise, the engagement should be flexible and meet the needs of the particular organization. Many decisions need to be made in collaboration between the red team assessors and the partner, including the starting and entry points for the assessment and the proper communication channels. Typically, the red team shouldn’t know much about the environment they are about to assess. Despite this, the red team should provide a project plan and document the types of exploit techniques that will be attempted. This ensures the organization will attain value from the assessment and gives the partner the opportunity to adjust before the engagement commences.
Our team engages in an all-out attempt to gain access to a system by any means necessary, including cyber penetration testing, testing all wireless and RF systems present for potential wireless access, and testing employees through scripted social engineering and phishing tests. These are real-life exercises carried out by a select group of highly qualified individuals who are contracted to assess a system’s cyber security.
SpearTip builds attack scenarios according to each stage of the compromise. These attack scenarios are correlated to the MITRE framework. SpearTip will report on all successful and unsuccessful attempts. This gives the organization insight into both the strengths and weaknesses of its cyber security program.
• Social Media
• Password Dumps
• Dark/Deep Web
• Social Engineering Data Collection
• Network Probing
• Service Enumeration
• Remote Access Solutions Discovery
• IT Vendor Enumeration
• Phishing Emails
• Custom Malware Deployment
• Credential Testing and Usage of VPN/Remote access
• Disabling of Security Tools
• Password and Hash Dumping
• Establishing Internal Targets
• Moving to Target System
• Gain Access to Sensitive Systems
• Identify Target Data (HR Files, Trade Secrets, PII, PCI, Email, etc.)
• Pool Data
• Circumvent Outbound Network Filter
• Test Sending of Outbound Data
• Removal of Malware
• Clearing of Log Files
• Establish “Legitimate” Backdoor
• Creation of Dedicated User Accounts
SpearTip’s Red Teams are staffed with cyber experts who are constantly triaging and responding to live threats inside environments. We understand the most successful attack techniques because we prevent them through our ShadowSpear Platform. All this intelligence is used to build highly effective assessments that go beyond immature trophy hunting and expose real opportunities for improvement. At the end of the engagement, we produce comprehensive reports with clear and straightforward recommendations to resolve the identified issues.
©2023 SpearTip, LLC. All rights reserved.