The threat posed by targeted attacks on companies and institutions is forever on the rise. In a targeted attack against your company's network, we simulate an Advanced Persistent Threat (APT) and put your IT security measures to the test. Apart from the name of the company, the red team is given no information whatsoever, i.e. it carries out its attacks from an external perspective in the form of a black box test.
The three most essential aspects of the company's security are assessed:
A red teaming test can be compared to a firefighting exercise. The red team purposefully lights a fire and you can check that your emergency response is correct and whether you can put the fire out.
Red teaming provides different insights for the different departments in a company. The following questions are answered by a red teaming assessment:
Steffen Stepper
steffen.stepper(at)syss.de
redteam(at)syss.de
+49 (0)7071 - 40 78 56-6157
PGP Key
Red team projects are carried out over several months and usually involve the following project phases:
If the individual phases do not fit your requirements profile, we will be happy to develop a suitably tailored service offer as part of a joint workshop.
It is often assumed that no threat exists as long as the outermost layer – e.g. VPN access of a company – is secure. This is generally a mistaken assumption because, on one side, attackers could always also exploit yet unknown vulnerabilities in applications produced by companies – so-called "zero-day threats".
On the other side, an employee with malicious intentions could easily overcome this first protection layer because they already have legitimate access to the internal systems.
For these reasons, it is important to assess different threat scenarios and also always implement a "defense-in-depth" strategy, i.e. a multilayered system of security measures.
To reflect the threat situation of your company realistically, different scenarios are modeled. On one side there is a fully comprehensive black box approach with a simulated external actor having no knowledge of the internal structures and systems. On the other side is the reduced scope given the assumption that an employee account has already been compromised, a device has been stolen or even that the employee is a malicious actor and would like to harm the company. This is known as the internal actor scenario.
The external actor scenario asks the question: "What damage can an attacker do with no knowledge of the company?" Typically, attempts are made not only to penetrate the company network through the internet, but also through other ways, such as physical assessments and social engineering measures. In cases where the red team does not breach the network successfully, it can be useful to define "leg-ups" with the help of the designated contact person. For example, a minicomputer could be inserted into the network by the contact person to enable network access.
From 40 person days up
Customer evidence of the sovereignty of individual systems identified in the RECON phase
From an external actor scenario, you can expect the following results:
The internal actor scenario asks the question: "What damage can negligent employees, or even employees with malicious intentions, cause to the company?" Possible examples would be a stolen turned-on device or a device with login details, blackmailing of employees with ATPs or anger with the company.
From 20 person days up
From an internal actor scenario, you can expect the following results:
Red teaming assessments are freely customizable projects. Does your company have other requirements or do you have a specific attack path in mind? We will gladly take your necessary organizational circumstances and requests into consideration and design a tailor-made solution for your company as part of a workshop.
A red teaming assessment would usually include social engineering attack vectors. However, these can prove to be difficult to implement in individual cases due to internal policies and the organizational culture. For this reason, it is also possible to conduct a purely technical red teaming assessment with no social engineering.
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
GET IN TOUCH
+49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours
+49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number