A Red Team attack focuses on pragmatic proof that security vulnerabilities exist rather than a structured approach as in a penetration test. The goal is to find the most critical gaps, exploit them, and document the attack paths and techniques used.
Red Teaming also covers topics that are not or only marginally addressed in penetration tests, such as lateral movement, persistence, privilege escalation, exfiltration, and more. Depending on requirements, social engineering activities can also be included – for example, physical access to offices, buildings, or production facilities, as well as phishing emails and phone calls.
Real attack patterns from known APT (Advanced Persistent Threat) groups can be replicated to determine, under simulated conditions, whether and to what extent the client is vulnerable to these specific scenarios.
A Red Team assessment can also be conducted in direct collaboration with the “Blue Team” – the client’s defensive team – to determine which attack methods are detected and whether the incident escalation process is properly structured.
Zerberos conducts Red Team assessments based on MITRE ATT&CK and can incorporate other frameworks such as TIBER, CBEST, or CCDCOE. Tools used include Cobalt Strike, Metasploit, SET, Veil, Gophish, BloodHound, Mimikatz, and Responder.
The results of a Red Team scenario serve as the basis for further measures, such as reviewing or creating incident response plans, implementing DLP solutions, conducting structured penetration tests of web applications, external and internal networks, or training employees following a social engineering attack.
We create a tailored scenario for your Red Team engagement and supplement it as needed with penetration testing, security consulting, and other cybersecurity services.
Contact us for a consultation and further information!