Red Teaming of information systems is an advanced form of assessment performed by a team of highly skilled penetration testers and security specialists.
Considerations about Red Teaming Usage in Assessing Information Assurance is an article that I have recently written and presented to SECITC 2010 security conferece. Please find below the abstract and table of contents which should increase your interest for reading it.
Abstract: Red Teaming is an advanced form of assessment that models and simulates adversary actions with the overall purpose of discovering target’s weaknesses and improving its defenses. Also known as ethical hacking, penetration testing or security assessment, Red Teaming of information systems offers reliable information about the effectiveness of defense mechanisms implemented. The paper presents the Red Teaming process from both perspectives: the client and the assessor, covering various aspects like: motivation, assessment types, client benefits, client risks, assessment planning, team organization, attack preparation, execution and reporting.
- What is Red Teaming?
- Red Teaming assessment from the client’s perspective
- Why should an organization use a Red Teaming assessment?
- When is the best time to use a Red Teaming assessment?
- What are the benefits for the client?
- What are the risks for the client?
- What type of assessment should be chosen?
- Who can be the target?
- Red Teaming assessment from the provider’s perspective
- Define assessment objectives
- Assemble the Red Team
- Reverse engineer the target
- Create and validate attack trees
- Assign Red Team members to attacks
- Prepare tools and methods
- Perform collaborative attacks
- Create the report
- Explain report to client