Red Team

Mission-oriented Threat Emulation

Red Teaming is mission-oriented, adversarial threat emulation designed to test an organization’s readiness to withstand and detect a targeted attack. The InGuardians Red Team assessment combines decades of deep technical knowledge with bleeding edge tactics to deliver insight into a business’ true risk.

Read More
e

Mission Oriented

Threat Emulation

Covert Operations

Advanced Persistent Testing™

InGuardians RedTeam services focus on testing an organization’s readiness to detect, deter, and withstand attacks.  Our RedTeam operators utilize offensive tactics, techniques, and procedures to gain access to an organization’s critical assets.  The underlying philosophy behind all of InGuardians Red Team services is to “model the threat”.  

All of our RedTeam services begin with determining the threat profile of the client.  In this process our entire team identifies the threats and actors that pose the most risk to your organization.

What is Red Teaming?

Red Teaming is mission-oriented, adversarial threat emulation designed to test an organization’s readiness to withstand and detect a targeted attack. The InGuardians Red Team assessment combines decades of deep technical knowledge with bleeding edge tactics to deliver insight into a business’ true risk.

Attackers compromise organizations, exfiltrate their data, all while going completely undetected. Employees grant the attackers a foothold, falling victim to phishing, drive-by-downloads, social engineering, or physical attacks. The attacker maintains persistent and stealthy access to the company’s internal network , but this is just the beginning. Attackers gain this access, then pivot to other systems mercilessly.

Red Teaming is different from penetration testing. A penetration test is typically a focused vulnerability assessment coupled with exploitation. Red Teaming at InGuardians involves mission-oriented operations, team collaboration, and multi-vector chained attacks, custom-tailored to deliver a cutting-edge adversarial emulation assessment. InGuardians defines the mission during each Red Team engagement to emulate the specific threats facing the organization or its industry. Red Team missions are often unhindered in scope, applying to all attack vectors from physical and social engineering to network and application exploitation.

Red Team operations can last for several weeks to months. Some organizations even utilize multi-year engagements. Critical to a Red Team engagement, the team collaborates using multi-vector, chained attacks. Put simply: multiple actors, exploiting and chaining different attack paths, collaborating to use any and all means to accomplish the mission. The InGuardians approach directly models the most lethal threats organizations face today by cyber-criminals, hacktivisits and advanced persistent threats (APT).

Acting as one unit, one operation, the InGuardians Red Team leads within the industry at emulating and conducting stealthy operations. InGuardians Red Team develops and conducts its operations using Tactics, Techniques, and Procedures (TTP’s) that mimic today’s sophisticated attackers.

Hardware Testing

Own the device? Pwn the device.

Hardware manufacturers should design their products as if their only users were state-sponsored attackers. Putting your hardware into the hands of millions of consumers puts the hardware into the hands of millions of potential hackers.  InGuardians has lead the industry in defining best practices for testing and deploying network-connected devices.  InGuardians’ team of hardware hackers brings over a decade of experience breaking into and securing Smart Grid systems and hacking Internet of Things devices.  Contact us to test your hardware devices before you deploy them or integrate them into your solution.

Social Engineering and Phishing

Test and harden your personnel against social engineering attacks.

InGuardians social engineering assessments model various threats your organization faces through phishing, vishing, and in-person attacks. Our team develops thoroughly-researched and believable pretexts to test the ability of your employees to identify social engineering attacks, whether they come by e-mail, phone calls, or face-to-face. Looking to test the effectiveness of your security awareness program or the likelihood of your employees allowing an attacker to run code their workstation, InGuardians Operators will identify the most likely attack vectors and act on them to deliver the results you need to protect your most valuable resources.

Network Penetration Testing

A deep assessment of your organization’s risk to compromise, focused on your specific risks.

An InGuardians network penetration test begins from a mutually-agreed upon point of attack such as an exposed network jack in a conference room, a generic location across the Internet, or a compromised employee workstation.  Our analysts identify threats to your organization and pursue an attack towards realizing one or more of those risks.  While the test may compromise a domain administrator account, this accomplishment does not signify the end of the penetration test.  In most cases, it is only the beginning.  In others, it is not even necessary.

Evil Insider

Rogue employee assessment

The Evil Insider service begins with a “white card,” assuming that an attacker has either compromised an existing system or has gained employment within your company.  Our analysts identify threats to your organization and pursue an attack towards realizing one or more of those risks and their impact on your business.  While the test may compromise a domain administrator account, this accomplishment may not be necessary and is certainly not sufficient to demonstrate the full extent of the risk.

Web Application Assessments

Finding and fixing flaws in the core applications of your business

Web applications have proliferated every aspect of our computing lives including how we bank, communicate with friends and family, down to the management interfaces and APIs that integrate with home automation and the Internet of Things. InGuardians has performed countless application assessments uncovering vulnerabilities that could lead to the compromise of sensitive customer information, breach of infrastructure, and immeasurable brand damage. Our consultants guide businesses in how to remediate vulnerabilities in their applications and develop secure coding programs.

Mobile Application Penetration Testing

Developing a mobile app?  Let InGuardians pwn your app before you publish

Mobile apps are being developed with a focus on speed, not security nor privacy. Our skilled mobile attack team has been at the forefront of mobile app security research discovering countless zero-day vulnerabilities in custom enterprise mobile apps and operating systems that would have resulted in backend infrastructure compromise, mobile device insecurities, and data compromise.

Physical Penetration Testing

Testing the physical protections around your information technology instracture

Determined attackers will stop at nothing to gain access to their targets’ networks. They may leverage physical insecurities, employee patterns, and social engineering to infiltrate corporate buildings and closed networks. InGuardians RedTeam Operators utilize the Tactics, Techniques, and Procedures (TTPs) of real attackers to demonstrate the impact a physical security breach has on information security assets.

Wireless and RF

Wireless network and radio frequency analysis and hacking

InGuardians RF experts have dozens of years of combined experience in hacking radio signals and systems.  Today, your radio gear often includes much more than just your wifi networks.  Internet of Things (IoT) brings point of sale systems, elevators, HVAC, surveillance systems, ZigBee and other SCADA systems into your network, increasing your attack surface. Contact us (wirelessly) if your team needs to identify the RF threat to your organization.

Red vs. Blue

Gamified attack and defense training. We are the attackers, you are the defenders.

InGuardians has developed a unique Red vs Blue team training program that can be customized to your organization.  We start by assessing and bolstering the organization’s Incident Response capability.  Then, using custom training modules we conduct live fire exercises testing your team’s ability to detect, deter, and respond.

Custom Training

You know Kung fu?  Show me – Morpheus

For over thirteen years, InGuardians trainers have set the standard for excellence in the information security industry.  We have helped author and deliver some of the most  popular courses at The SANS Institute, Black Hat, Cansec, and onsite to private customers.  Contact us to get started on creating a customized training experience for your team.