It is imperative for an organisation to understand how prepared it is to defend against a skilled and persistent hacker or attacker. NSI Global believes that a red team penetration test is a must for this purpose. This operation is different to a standard penetration test which tests a specific set of security controls and vulnerabilities over a short period of time. Rather, a red team exercise focuses on the goal rather than the method; the goal being access, and is usually conducted over a period of weeks to months.
Red team penetration testing involves NSI’s Offensive Cyber Security Unit (OSCU) putting themselves in the place of a real, motivated attacker, throwing away the rule books. They will do whatever they can (only with your written authority), to gain access into and out of the premises without being detected. Doing this provides the indispensable opportunity to find any bias, blind spots, or presumptions in your organisation’s security posture as a whole.
A red team engagement will involve intelligence, surveillance and reconnaissance for physical red teaming or remote network access for cyber red teaming utilising all types of penetration testing methods such as social engineering, cyber penetration, and physical penetration.
Once completed, our red team penetration reports allow you to evaluate your response to an attack, identify and classify security risks, uncover hidden vulnerabilities, address identified exposures, and prioritise future investments.