Red Team Exercise is destined to reveal the readiness of an organization to withstand the real cyber threats and provides an overview of gaps in enterprise defense capabilities.
Conducting a periodic Red Team Exercise allows to gather valuable insight about technology, people, and process weaknesses inside an organization, which serves as a foundation for an effective cyber security strategy and roadmap.
In the first stage, the testing scope is agreed, ie what is tested in more detail and what is excluded from the test. The initial planned workload is also agreed upon, and depending on the nature of the test, the goals of the red teaming exercise towards which the testers will work. An overall approach and a team of project participants who are aware of the test are agreed. Each test is unique in nature because each application and organization is different.
The three most common approach of testing are:
Agreement conditions are defined in the Statement of Work, which consists of the following details:
The purpose of the post-engagement stage is to provide the Customer with a through report of findings revealed durning the previous stage, illustrating the outcome of the exercise and carried out activities. Report will contain finding remediations. On Customer’s request, CYBERS will conduct a briefing of findings to the Customer’s personnel, such as executives, management, technical staff and other required stakeholders.
Report will be in English, unless stated otherwise in Statement of Work.
Final report will be provided within 1 week(s) after the work is completed.