Red TeaminG SERVICES

Emulate true threats with our red teaming services to identify them before the adversary does.

Evaluate Your Security

Multi-Pronged Attack Simulation That Mimics the Most Sophisticated Adversary

Our red team assessment is our most sophisticated attack simulation service offering. Our Red Team service combines the most nefarious tactics, techniques, and procedures from our open-source intelligence gathering, social engineering and penetration testing offerings into a multi-pronged attack that closely mimics a sophisticated adversarial assault.

Talk to an Expert

Threat Actors Don’t Adhere to Scope Boundaries. Neither Should You.

No two red team assessments are the same. Our team of certified professionals will collaborate with your authorized personnel to define complex pretext(s) that best set the stage for assessing key components of your organization’s security program.

We honor all requests (within reason) and brainstorm possible approaches if you would prefer direction when initiating the planning process. Maintaining the appearance of validity, authenticity and security in everything we do is the cornerstone of believable and successful engagements. We leverage every feasible possibility to develop the most realistic attack for the desired approach and circumstances.

Truly Sophisticated Attack Emulation

These completely customizable assessments leverage manual processes. Skilled attackers do not use well-known tools with easily detectable payloads to execute these types of attacks, and neither do we.

Our expert consultants are adept at developing custom “malware,” evading technical controls, creating doppelgänger websites, circumventing physical security controls, exploiting trust and emotions via email, voice, and in-person interactions, and covertly identifying the path of least resistance to your organization’s assets.

The Most Viable Approaches & Techniques to Meet Your Objectives

While the following list includes examples of specific activities that we include in red teaming assessments, we will work closely with you to identify the approach(es) and technique(s) that are the most viable for your objectives.

The specific techniques involved in the engagement include, but are not limited to:

  • Cloning a valid RFID badge to gain access to secured areas within the target facility
  • Sending phishing emails that entice users to disclose credentials, run “malicious” executables or perform some other similarly risky activity
  • Gaining access to the facility by leveraging a plausible pretext and installing a rogue network device (drop-box) on the internal network
  • Interacting with the help desk to set up an account, change a password, establish VPN connectivity or perform some other similarly risky activity
  • Impersonating service vendors (document delivery, tape backup collection, etc.) to obtain potentially sensitive information (documents, tape backups, etc.)
  • Leaving USB thumb drives at strategic public locations that contain embedded “phone home” functionality, which could facilitate unauthorized network access when the data is accessed

Certifications

Put an ELITE Highly-Trained Team on Your Side

Additional Resources

View All

Maximizing Value Through Collaborative Penetration Testing
Maximizing Value Through Collaborative Penetration Testing” presented by Victor Wieczorek, GuidePoint Security’s Director of Threat & Attack Simulation. As a […]
Watch Now
Managing the Open Security Perimeter and the Growing Attack Surface
In this on-demand virtual event we examined the challenges CISO’s face managing the remote workforce & the expanding security perimeter. Learn […]
Watch Now
Threat & Attack Simulation Practice Overview
GuidePoint’s Security’s Threat & Attack Simulation services mimic real-world attacks to help identify exploitable attack vectors in your organization’s IT […]
Download