DoDD 8570.1: Red Team
A Red Team works in a covert manner on a focused target of testing using "extreme" techniques.
According to DoDD 8570.1, a Red Team is: "An independent, focused threat-based effort by an interdisciplinary, simulated adversary to expose and exploit vulnerabilities to improve IS security posture."
We have an experienced Red Team with skills in several areas of penetration testing.
A Red Team exercise is an authorized, adversary-based assessment for defensive purposes, and may include:
- Developing attack vectors
- Performing reconnaissance or stake-out
- Collecting open-source intelligence
- Footprinting system networks and services
- Developing exploit payloads to gain entry and escalate privileges, likely through:
  - Software errors (bugs, buffer overflows, unhandled input, race conditions)
  - System misconfiguration (default settings, backdoors, security holes)
  - Sniffing (network and protocol monitoring)
  - Password cracking
  - Operating system or protocol misconfiguration
  - Social engineering
- Performing system monitoring or capturing a "flag"
- Developing backdoors, manipulating audit logs, etc.
- Developing extensive reporting to detail problem areas to be addressed
The Blue Team
A "Blue Team" works with the System Owner and System Administrators to develop effective Computer Network Defense (CND) for the network.