ARE YOU RED TEAM READY?

ARE YOU
RED TEAM READY?
Version: 1.2a
Date: 26/09/2018
Author: Sylvain Martinez
Reference: ESC12-MUSCL
Classification: Public

2
• Vulnerability
Assessment concept;
• Penetration testing
concept;
• Red team concept;
• Traditional cycle;
• Red team cycle;
• Red team realistic
simulation;
• Answering different
questions;
• Hacking scenario;
• Hacking milestones;
• Find targets;
• Get physical access;
• Compromise target;
• Exfiltrate secret;
• Do not get caught!;
• Assembling the team;
• Execution;
• To be careful of;
• To do as a priority;
CONTENTS
PUBLIC
NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
• Future of red teams;
• Can you name those
devices?
• Answers
RED TEAM READY

VULNERABILITY ASSESSMENT CONCEPT
3RED TEAM READYPUBLIC
LARGE SCALE
AUTOMATED
CHEAP
REGULAR
Icons from the Noun Project unless specified otherwise

PRENETRATION TESTING CONCEPT
FOCUSED
SKILLED AND MORE MANUAL
COSTS MORE
ON DEMAND/LESS REGULAR

RED TEAM CONCEPT
SCENARIO BASED
HIGHLY SKILLED
EXPANSIVE
ON DEMAND/WHEN NEEDED

TRADITIONAL CYCLE
2. RECONNAISSANCE
1.PREPARATION
3. DISCOVERY
4. VALIDATION
5. ANALYSIS6. REPORTING
7. PRESENTATION

RED TEAM CYCLE
2. RECONNAISSANCE
1.PREPARATION
3. DISCOVERY
4d. EXFILTRATION
5. ANALYSIS6. REPORTING
7. PRESENTATION
4c. FOOTHOLD
4b. EXPLOITATION
4a. VALIDATION

RED TEAM REALISTIC SIMULATION
PHYSICAL / LOGICAL / SOCIAL
EMULATE HACKING TECHNICS
ESTABLISH PERSISTANCE
EXTRACT DATA
DEMONSTRATE

ANSWERING DIFFERENT QUESTIONS!
RED TEAM EXERCISE CAN MY CONTRACTS BE STOLEN?
DO WE HAVE VULNERABILITIES?VULNERABILITY ASSESSMENT
CAN MY WEBSITE BE HACKED?PENETRATION TESTING

HACKING SCENARIO
OBJECTIVES
• FINANCIAL CONTRACT GOT STOLEN 2 MONTHS AGO;
• NOW STORED IN SECURED SERVER IN SECURED ROOM;
• CAN THE CONTRACT BE STOLEN AGAIN?
INFORMATION GIVEN
• NAME OF THE CONTRACT;
• 3x INDIVIDUALS’ NAME RELEVANT TO THE CONTRACT;
• THE COUNTRY WHERE THE CONTRACT IS LOCATED.

HACKING MILESTONES
1. FIND TARGETS
2. GET PHYSICAL ACCESS
3. COMPROMISE ASSET
4. EXFILTRATE SECRET
5. DO NOT GET CAUGHT!

FIND TARGETS

GET PHYSICAL ACCESS

COMPROMISE TARGET

EXFILTRATE SECRET

DO NOT GET CAUGHT!

ASSEMBLING THE TEAM

EXECUTION
PROFESSIONALISM MANDATE

TO BE CAREFUL OF
RENAMING PEN TEST TO RED TEAM
KEEPING STAFF HAPPY
TRAINING
STAY SAFE AND DON’T BECOME A TROJAN HORSE
HOW REALISTIC CAN YOU BE
SCENARIOS TOO WIDE/AMBITIOUS

TO DO AS A PRIORITY
CLEAR MILESTONES
STAKEHOLDERS ENGAGEMENT
BE REALISTIC
PROVIDE COMPREHENSIVE THREAT VIEW
GET A TEAM WITH DIFFERENT SKILLS

FUTURE OF RED TEAMS
MORE DEMANDS
PURPLE TEAM
OFFENSIVE LEGITIMISATION

CAN YOU NAME THOSE DEVICES?

ANSWERS

© 2018 ElysiumSecurity Ltd.
All Rights Reserved
www.elysiumsecurity.com
ABOUT ELYSIUMSECURITY LTD.
ELYSIUMSECURITY provides practical expertise to identify
vulnerabilities, assess their risks and impact, remediate those
risks, prepare and respond to incidents as well as raise security
awareness through an organization.
ELYSIUMSECURITY provides high level expertise gathered
through years of best practices experience in large
international companies allowing us to provide advice best
suited to your business operational model and priorities.
ELYSIUMSECURITY provides a portfolio of Strategic and Tactical
Services to help companies protect and respond against Cyber
Security Threats. We differentiate ourselves by offering
discreet, tailored and specialized engagements.
ELYSIUMSECURITY operates in Mauritius and in Europe,
a boutique style approach means we can easily adapt to your
business operational model and requirements to provide a
personalized service that fits your working environment.

ARE YOU RED TEAM READY?

Related slideshows

More Related Content

ARE YOU RED TEAM READY?