Gain a deeper insight
The purpose of the exercise is to replicate the Tactics, Techniques and Procedures used in known attacks to measure your organisation’s ability to withstand compromise.
Red Teaming as an attack mechanism and Blue Teaming as a defensive posture can be merged to create a Purple Team – coordinating dynamic testing and defensive exercises for additional capacity building.
The attack simulation service allows the Foregenix team to use any means necessary to compromise your organisation and the attack does not need to be bound to a specific scope but rather a specific end goal.
Foregenix assumes the role of an advanced threat actor and tries to compromise agreed upon infrastructure and key systems inside a network using Tactics, Techniques and Procedures (TTPs) employed by advanced threat actors in their compromise campaigns. It tests the defenses of a network against a persistent attacker.
External red teaming: Foregenix perform an external stealth network intrusion against the targeted organisation. Foregenix perform reconnaissance alongside traditional external attacks. Phishing and other social engineering methods are then employed, targeting key individuals within the organisation.
Assume compromise red teaming: This builds on the premise that, one way or another, you will be compromised and does not care about the root cause – for example, clicking a link, browsing a website or installing a program on their computer from a dubious source
Playbook creation: The list of tests to be executed are agreed upon between Foregenix and the client. This is based on customer needs but can also take into consideration the overall industry the client is operating in and threat actors targeting that industry.
Playbook modelling: Foregenix models the tests and the client’s environment in its internal toolset. Any additional tests that are part of the defined Playbook are developed in this stage.
Playbook execution: The defined tests are executed in the monitored environment.
Gap identification: Any gaps in monitoring are identified. Foregenix can aid in guiding corrective actions as well as providing specialised Threat Intel and Forensics Analysts who can work alongside the client’s security team.
For more information on how Foregenix can help you with your Attack Simulation requirements, please contact us using the form below.