ARE YOU RED TEAM READY?

1. ARE YOU RED TEAM READY? Version: 1.2a Date: 26/09/2018 Author: Sylvain Martinez Reference: ESC12-MUSCL Classification: Public

2. 2 • Vulnerability Assessment concept; • Penetration testing concept; • Red team concept; • Traditional cycle; • Red team cycle; • Red team realistic simulation; • Answering different questions; • Hacking scenario; • Hacking milestones; • Find targets; • Get physical access; • Compromise target; • Exfiltrate secret; • Do not get caught!; • Assembling the team; • Execution; • To be careful of; • To do as a priority; CONTENTS PUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT • Future of red teams; • Can you name those devices? • Answers RED TEAM READY

3. VULNERABILITY ASSESSMENT CONCEPT NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 3RED TEAM READYPUBLIC LARGE SCALE AUTOMATED CHEAP REGULAR Icons from the Noun Project unless specified otherwise

4. PRENETRATION TESTING CONCEPT 4RED TEAM READYPUBLIC FOCUSED SKILLED AND MORE MANUAL COSTS MORE ON DEMAND/LESS REGULAR NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

5. RED TEAM CONCEPT 5RED TEAM READYPUBLIC SCENARIO BASED HIGHLY SKILLED EXPANSIVE ON DEMAND/WHEN NEEDED NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

6. TRADITIONAL CYCLE 6RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4. VALIDATION 5. ANALYSIS6. REPORTING 7. PRESENTATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

7. RED TEAM CYCLE 7RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4d. EXFILTRATION 5. ANALYSIS6. REPORTING 7. PRESENTATION 4c. FOOTHOLD 4b. EXPLOITATION 4a. VALIDATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

8. RED TEAM REALISTIC SIMULATION 8RED TEAM READYPUBLIC PHYSICAL / LOGICAL / SOCIAL EMULATE HACKING TECHNICS ESTABLISH PERSISTANCE EXTRACT DATA DEMONSTRATE NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

9. ANSWERING DIFFERENT QUESTIONS! 9RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RED TEAM EXERCISE CAN MY CONTRACTS BE STOLEN? DO WE HAVE VULNERABILITIES?VULNERABILITY ASSESSMENT CAN MY WEBSITE BE HACKED?PENETRATION TESTING

10. HACKING SCENARIO 10RED TEAM READYPUBLIC OBJECTIVES • FINANCIAL CONTRACT GOT STOLEN 2 MONTHS AGO; • NOW STORED IN SECURED SERVER IN SECURED ROOM; • CAN THE CONTRACT BE STOLEN AGAIN? NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT INFORMATION GIVEN • NAME OF THE CONTRACT; • 3x INDIVIDUALS’ NAME RELEVANT TO THE CONTRACT; • THE COUNTRY WHERE THE CONTRACT IS LOCATED.

11. HACKING MILESTONES 11RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 1. FIND TARGETS 2. GET PHYSICAL ACCESS 3. COMPROMISE ASSET 4. EXFILTRATE SECRET 5. DO NOT GET CAUGHT!

12. FIND TARGETS 12RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

13. GET PHYSICAL ACCESS 13RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

14. COMPROMISE TARGET 14RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

15. EXFILTRATE SECRET 15RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

16. DO NOT GET CAUGHT! 16RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

17. ASSEMBLING THE TEAM 17RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

18. EXECUTION 18RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT PROFESSIONALISM MANDATE

19. TO BE CAREFUL OF 19RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RENAMING PEN TEST TO RED TEAM KEEPING STAFF HAPPY TRAINING STAY SAFE AND DON’T BECOME A TROJAN HORSE HOW REALISTIC CAN YOU BE SCENARIOS TOO WIDE/AMBITIOUS

20. TO DO AS A PRIORITY 20RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT CLEAR MILESTONES STAKEHOLDERS ENGAGEMENT BE REALISTIC PROVIDE COMPREHENSIVE THREAT VIEW GET A TEAM WITH DIFFERENT SKILLS

21. FUTURE OF RED TEAMS 21RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT MORE DEMANDS PURPLE TEAM OFFENSIVE LEGITIMISATION

22. CAN YOU NAME THOSE DEVICES? 22RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

23. ANSWERS 23RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT

24. © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.

ARE YOU RED TEAM READY?

You are reading a preview.

ARE YOU RED TEAM READY?

More Related Content

Similar to ARE YOU RED TEAM READY?

More from Sylvain Martinez

Featured

Related Books

Related Audiobooks