Benefits of attack simulation
Exposing a larger attack surface, which usually includes many assets that were not covered during ordinary penetration testing.

Finding out how your SOC team will respond to a real threat.

Finding out whether your employees are sufficiently aware of the main security threats.

Identifying misconfigurations in your security appliances as well as in the endpoint security software.
Red Team Operations vs. Penetration Testing
| | Regular Penetration Testing | Red Team Operations |
|---|---|---|
| Main Objective | Focusing on security assessments to find as many vulnerabilities as possible | Simulating a targeted attack against the organization to evaluate the security controls in place and the detection and response of the organization's security teams |
| Recommended Time | Early stage, to find and patch security issues in either applications or network devices | More mature stage, after penetration testing has been done one or more times |
| Scope | Limited to a specific scope and done with the knowledge of the staff | Wider scope, done without informing most of the organization's staff |
| Post Exploitation | Minimal exploitation of discovered vulnerabilities, to rule out false positives | Exploiting discovered vulnerabilities in a manner that leads to achieving the target of the operation |
| Detection Evasion | Not focused on avoiding being found by the SOC / Blue team | Trying to avoid being detected by the SOC / Blue team for the longest possible period of time during the operation |
| Social Engineering | No social engineering against employees is involved in the process | Using social engineering and other techniques to measure employees' awareness and obtain access |
| | Go with Penetration Testing | Go with Red Team Operations |