Design & Implementation of a

Red Team Program

 

Results

 

Advance Persistent Threat Missions (24x7x365) Annually

Annual Sustainment Costs

Average of Unique Vulnerabilities Identified Per Month

Offensive Security Missions per year

Total Time in Months to Design & Implement

Challenge

The client requested assistance in taking their current Penetration Testing Program to the next level. A quick assessment of their Penetration Testing Program reveled many gaps in their People, Processes and Technologies. Recommendation was to transform their current Penetration Testing Program into a Red Team Program.

Context / Action

Once customer leadership approved the recommendation to transform their current Penetration Testing Program into a Red Team Program then we went to work. We Designed and Implemented a Red Team Program (People, Processes and Technologies) that was authorized and organized to emulate a potential adversary’s exploitation and attack capabilities against a targeted mission or capability. In DoD, in accordance with Chairman of the Joint Chiefs of Staff Directives, Red Teams operate to identify exposed information and vulnerabilities of the target’s security posture; support information assurance readiness; create a degraded, disrupted, or denied cyber environment; participate in evaluation of Computer Network Defense Service Providers (CNDSPs) and its subscribers; and provide Protect Services for CNDSPs.

Once penetration testing people were aligned with the new processes and technologies then we reached out to become Army Certified Penetration Testing organization. This certification allowed the customer to be recognized as an Army Penetration Testing organization responsible for a specific area of responsibility within the USA. Having a specific area of responsibility enabled the customer to offer their services at the Enterprise Level. Leveraging this new certification, the customer was able to offer their services to any Army or non-Army customer within their new area of responsibility.

In the next phase, we coordinated with external organization, NSA, to identify what was needed to achieve the NSA Cyber Red Team Certification and Accreditation. We morphed the client’s existing Penetration Testing TTPs to a Red Team TTP.

Enter your email to get instant access to the case study

Enter your email to get instant access to the case study

Thank you for your time; we hope you enjoy the free case study.

Enter your email to get instant access to schedule your free Cyber strategy session today

Enter your email to get instant access to schedule your free Cyber strategy session today

Thank you for your time; we hope you enjoy the free case study.

Enter Your Email To Schedule Your Free Cyber Strategy Session Today

Enter Your Email To Schedule Your Free Cyber Strategy Session Today

Thank you for your time; we hope you enjoy the free case study.

Pin It on Pinterest