RED TEAM AND PURPLE TEAM SERVICES
Our philosophy: do whatever it takes to get in.
Our approach: identify high-risk vulnerabilities in your company’s technology, people, and processes, then demonstrate how an adversary will break in and steal your crown jewels. Our goal: assess our clients’ resilience and response to a targeted breach.
To achieve that goal, we employ every technique at our disposal – including emulating real threat actors your company faces, performing social engineering attacks and gaining access to physical premises – to determine your organization’s security posture and incident response capabilities. Our red teams are stealthy, focusing on multi-vector, chained attacks that test the effectiveness of your security defenses. Our purple teams are collaborative, working with and training your blue team throughout the attack process.
IOActive’s red team and purple team services challenge the technical, operational and business assumptions made by the people in your organization, enabling us to identify the areas of significant risk.
- Threat Emulation
With threat emulation, our team adopts the tactics, techniques and procedures (TTPs) of an attacker determined to get inside your network. This approach focuses on multi-vector, chained attacks, emulating real threat actors’ methods to penetrate your security defenses. We infiltrate digital assets, networks and human resources to determine the risks and vulnerabilities in an organization’s IT and human assets.
Methodologies include physical and cyber penetration testing as well as social engineering – impersonation, phishing, smishing, and pretexting.
- Physical Intrusion Testing
Using any means necessary, our team infiltrates your headquarters and branch offices by hacking camera systems, cloning RFID cards, pretexting, tailgating, and social engineering. We think like an attacker and breach your defenses accordingly.
- Social Engineering
Emulating the same methods used in today’s largest breaches, our red team uses social engineering to exploit the human element of your organization. We employ techniques such as spear phishing, voice calls, onsite impersonation and social network attacks to gain access to your critical physical and IT assets.
- Attack Resilience and Incident Response
In our red and purple team assessments, our goal is to determine how resilient your security operations are against a determined threat actor and identify gaps in your organization’s preparedness to respond to a targeted attack. We answer the question: “How well do your company’s security controls and processes withstand a sophisticated attack, recover from it and respond to it?”
We design attack paths and campaigns appropriate to your company’s particular environment and industry. Then, we methodically execute attacks based on the intelligence gathered in the planning phase. Throughout attack execution during a purple team test, our red team works closely with your blue team to assess the level of attack visibility and validate whether or not existing security controls can detect or block each attack.
Ultimately, our red and purple teams’ goal is to assess your company’s risks, find its vulnerabilities and help you secure your most valued assets.