Red Teaming is a service designed to help you find out how secure your physical spaces are from real-world threats. The findings then give you information on how you can prevent these attacks.
Why do you need Red Teaming security testing?
Identifying weaknesses and real-world risks
Our Red Teaming security testing is a full-scale simulated attack, virtual as well as physical, on your organisation. Our testing will not only give you a clearer picture of how well your systems and networks can prevent a hack, both through cyber and physical means, but also how quickly you can detect the hack and respond to it.
The service includes a threat and risk analysis session to determine your most important assets, the most likely groups that would target them, and their methods and motivations.
We then devise tests for all scenarios, the results of which are provided to you in a report. This gives you a summary of the risks identified and key messages that you can use to develop a security-aware culture in your organisation.
In essence, we help you identify weaknesses and real-world risks from attacks, and use the information to help you prevent them and drive a cultural change within your business.
Do you know if your organisation is safe from threats, including state-sponsored attacks, organised crime and hacktivist groups?
What we offer
Open-source intelligence gathering (OSINT)
As with the first stage of any operation, our targeted Red Teaming attack begins with investigating your company and employees, gathering information that is inadvertently revealed. This comes from a variety of sources with a focus on the social media pages of the staff. We use this to plan our attacks, both cyber and physical.
Email spear phishing attacks
Cyber criminals use information gathered from your employees to gain access to your organisation’s systems and data. Our red teams use social engineering to get personal information from targets within your team and use this to get them to reveal their username and password, or open an attachment that would let us into their computer.
If your organisation is susceptible to physical intrusion, attackers can gain access to steal sensitive information as well as planting keylogger devices, or compromising the network. Our Red Teaming security testing solutions include planning and executing a similar physical intrusion into your company to see how vulnerable you are to such attacks.
External and internal network security
We identify devices in your organisations that may have been insecurely configured as these might be used to break into your organisation. Our Red Teaming security testing will also find other possible methods of intrusion and try to exploit them to gain access to your internal network. If successful, we will attempt to escalate our privileges to gain access to sensitive data.
Since not all information gathering exercises by hackers is online, we will also assess how secure your organisation is against telephone social engineering attempts. Our trained team of telephone social engineers will call employees to see if they can get them to divulge sensitive login information or to get them to open an attachment sent as a spear phishing attack.
What is a red team (or, why would you pay to be hacked)?
The only real way you can determine the effectiveness of your security is by trying to get it hacked into.
And this is just what Falanx Cyber’s red teams are employed to do.