Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Red Teaming

The Power of Red and Purple Team Drills in Enhancing Offensive Security Programs

Despite investing in costly security solutions, keeping up with patches, and educating employees about suspicious emails, breaches still occur, leaving many organizations to wonder why they are vulnerable and which security areas need improvement.

How to Get Started with Red Teaming - Expert Tips

During my time delivering red team engagements over the last few years, I've had the luxury of working with organisations who’re just starting out with their red teaming approaches, all the way up to battling hardened and heavily monitored networks. In this experience, I’ve found that one of the key areas that makes or breaks a successful operation is the scoping, sizing and planning of an engagement. It can often be daunting to explore more threat-led and realistic testing approaches.

Replicating Realistic Threat Behavior is Critical to Red Teaming, But It Doesn't Have to Be Complicated

Organizational red teams are tasked with the critical responsibility of ensuring preparedness against real-world threats. But the ability to accurately replicate complex threat behavior can often be resource-intensive, expensive, and difficult to operationalize. As sophisticated threat actors continue to evolve their attack patterns, replicating this rapidly changing behavior can become nearly impossible.

Coffee Talk with SURGe: 2023-NOV-28 NCSC 2023 Review, ENISA Report, Netherlands Cyber Assessment

Grab a cup of coffee and join Ryan Kovar, Kirsty Paine, and Floris Ladan for a special EMEA edition of Coffee Talk with SURGe. The team from Splunk will compare highlights and similarities across recent cyber threat reports, including: Ryan and Floris also competed in a 60 second charity challenge to explain the importance of red teaming.

What is purple teaming and how can it strengthen your cyber security?

To defend against rapidly evolving cyber threats, businesses need to continually adapt and innovate. This means that red and blue teams must work together on an ongoing basis to maximise their individual and collective impact. Purple teaming allows them to achieve this more effectively, significantly advancing organisations’ security posture.

The Beauty of a Red Team Exercise: When One Discovery Leads to Potentially Saving Lives

What started out as a standard Red Team test designed to check the security capabilities of several Australian hospitals, led to a chain of events that eventually uncovered serious security flaws in remote-capable insulin pumps that, if abused could have had disastrous consequences. The hospitals, all of which are part of a connected healthcare system, had contracted with Trustwave to conduct the Red Team tests against several of their facilities.

Multiple Command and Control (C2) Frameworks During Red Team Engagements

When conducting Red Team engagements, more than one Command and Control (C2) framework would typically be used as part of our delivery process and methodology. We would be unintentionally limiting our options if we only had one Command and Control framework to depend upon, which would be less realistic when comparing it to an attack from real threat actors who seem to have infinite time and resources available. The use of multiple Command and Control frameworks is essential.

The cat and mouse game: Staying ahead of evolving cybersecurity threats

Cybersecurity threats refer to malicious activities conducted over digital networks, targeting systems, devices, and data. These threats encompass a wide range of attacks, from stealing sensitive information and spreading malware to disrupting critical infrastructure. And their impact extends beyond technical realms. They can and regularly do affect individuals, businesses, and society at large.

Run Atomic Red Team detection tests in container environments with Datadog's Workload Security Evaluator

Ensuring your threat detection rules work as intended and provide sufficient coverage for major threats is a critical component of a security program. Red Canary’s Atomic Red Team—an open source library of detection tests that help teams validate the effectiveness of their security measures—has historically been the tool of choice for detection testing.