The best way to know if something works is to try it out. Ensuring that your security products are actually working is a fundamental task of routine maintenance. This is why it is so useful to use tools like Atomic Red Team that generate suspicious events based on ATT&CK techniques and see how Falco triggers alerts. In this blog, we will cover how to install and run the Atomic Red Team environment on a Kubernetes system for testing Falco rules.

There are a variety of methods that an organization can implement to test its ability to withstand a cyberattack or another type of catastrophic situation. One such technique is to conduct a crisis simulation. The term crisis simulation is somewhat generic and seems awfully similar to other types of exercises organizations run to test their level of preparedness.

Red teaming is the practice of asking a trusted group of individuals to launch an attack on your software or your organization so that you can test how your defenses will hold up in a real-world situation. Any organization reliant on software – including banks, healthcare providers, government institutions, or logistics companies – is potentially vulnerable to cyberattacks, such as ransomware or data exfiltration.

This is the second in a series of blogs that describes the importance and inner workings of conducting Red and Purple Team exercises. Part 1 of this blog series gave an overview of how to properly conduct these drills. This blog examines the role Purple Teams play in an effective security testing strategy.

This is the first in a series of blogs that will describe the importance of conducting Red and Purple Team exercises. The first entry in the series gives an overview of how to properly conduct these drills with follow on blogs diving deeper into the specifics of Red and Purple team maneuvers. The first realization most organizations have that their cybersecurity is, let's say, subpar generally comes right after it has been hit by a devastating attack.

The final part of this mini Red Team blog series discusses the benefits a Red Team Assessment will bring to your organisation. A security test of any sort is ultimately designed to see how your business can mitigate and learn from any issues found. Yes, compliance can come into this and passing and failing a test is a factor but creating a strong infrastructure to protect the business and customer interests is the key factor here.

In part one we discussed what a Red Team Assessment is, but how does a Red Team Assessment differ from a Penetration Test? With a Red Team Assessment, we’re testing the whole company, essentially how it fares up to a worst-case scenario attack, whether that’s by a competitive company engaging in corporate espionage hell-bent on disrupting business, or harvesting data, or a criminal organisation breaking in and stealing physical equipment or damaging key infrastructure.

We’re in an age where information is king, misinformation is rife and mass data breaches are commonplace in the mainstream media. Ensuring the security of your organisation’s data, infrastructure and people is paramount and choosing the right service to secure those things is just as important. At Pentest People, we are now delighted to offer our new Red Team Assessment service to our customers. But what is a Red Team Assessment and how does it differ from a Penetration Test?