Red Teaming

check your protection against hacker attacks
controlled simulation of a realistic attack

This service consists of a series of simulated attacks which utilise methods, techniques, and tools used by cybercriminals and which are based on modelled scenarios directed at specific targets.

No two organisations are identical, and so the first step we make when providing our services is determining the profile of the organisation and its attack targets, as well as modelling the threats. Our approach to testing allows us to verify the effectiveness of technical and organisational measures employed by the company in respect of preventing, detecting, and reacting to cyberattacks, as well as to assess the organisation’s preparedness and ability to respond to a cyberattack.

Part of the tests are sociotechnical attacks which verify awareness of the company’s employees and their training in terms of recognising and reacting to security threats. Information regarding the organisation and its employees is collected from publicly accessible sources before approved actions are taken.

How do we do it?

Each test consists of specifically designed scenarios tailored for the given organisation, which includes launching a simulated attack with the aim of acquiring a designated target. An example of such a scenario and a target would be an attack conducted with the aim of taking control over industrial control infrastructure or hijacking an e-mail server and transferring messages out of the company without the administrator finding out.

Our scope of operations encompasses:

  • network infrastructure
  • server infrastructure
  • workstations, devices
  • wireless networks
  • physical protection
  • social engineering
  • systems and applications

We provide you the opportunity to discover weak points in your security, we equip you with the knowledge about their root causes, and we offer you guidelines on how to deal with them. You will be able to protect yourself from hackers by thinking like one. Our tests can also help you achieve compliance with legal requirements and best industry practice.

We conduct tests in accordance with industry standards such as OWASP. We adjust our approach depending on the specific client’s needs, using one of the three types of tests.

BLACK-BOX

no information from the client, we perform a full reconnaissance, searching for attack points, acting like a malicious attacker

GREY-BOX

the client provides general information for the reconnaissance such as IP addresses, applications used, and domain names

WHITE-BOX

the client provides full information for the reconnaissance, which helps reduce the time and cost of the operation

Approach to the project

No two organisations are the same, so every new project begins with an introductory workshop where we define and confirm the purpose, scope, and schedule of the project and where we explain our strategies and attack vectors.

Reconnaissance

In this phase we allocate all our resources to acquisition of information about the company, its employees, and its key locations. We gather everything that may prove useful in devising attack vectors.

Mapping

We map the network’s architecture – its systems, services, and applications – to identify any potential points of entry which may be used to launch an attack.

Identification

We utilise all the information collected throughout the previous phases in order to identify any gaps in security that we may be able to exploit with commercial, proprietary, and open source tools and scripts.

Exploitation

We attack systems, applications, the infrastructure, all with the view of gaining access to the target. We also utilise social engineering, e.g. phishing, to check safety awareness of the company’s personnel.

Recommendations

We immediately report all critical findings via a pre-established communications channel. We provide technical data regarding root causes of the vulnerabilities and recommended corrective action based on their priority and impact on the organisation.

Reporting

The project ends with a workshop meeting where we discuss the testing process, the accessed targets, the causes for vulnerabilities, conclusions drawn – so called lessons learnt. It finishes with delivery of a report specifying all identified vulnerabilities and further recommendations in respect of security and business risk mitigation.

Why SiSOFT?

FOCUS

We aim to improve security and mitigate business risk in order to help your organisation make better decisions regarding safety in the future.

RECOMMENDATIONS

We undertake all efforts in realisation of our projects and we always dedicate our finest resources and best practitioners for the purpose of achieving the project’s goals.

WORKFORCE

For every project we allocate data security specialists with a lot of technical experience.

CLARITY

Our recommendations are clear and presented in such a way as to best communicate problems and risks to our clients.

TAILORED TO YOUR NEEDS

We work with both small and large organisations, so we are always able to adjust the project’s scope to particular business goals and technical maturity of any company.