Foregenix Attack Simulation

Gain a deeper insight


• Tactics, techniques and procedures used in the wild
• Identify gaps in your defensive infrastructure
• Receive the executed Playbook

Test your defenses

The purpose of the exercise is to replicate the Tactics, Techniques and Procedures used in known attacks to measure your organisation’s ability to withstand compromise.

Red Teaming as an attack mechanism and Blue Teaming as a defensive posture can be merged to create a Purple Team – coordinating dynamic testing and defensive exercises for additional capacity building.

The attack simulation service allows the Foregenix team to use any means necessary to compromise your organisation. The attack does not need to be bound to a specific scope but rather to a specific end goal.

Red Teaming

Foregenix assumes the role of an advanced threat actor and tries to compromise agreed-upon infrastructure and key systems inside a network using Tactics, Techniques and Procedures (TTPs) employed by advanced threat actors in their compromise campaigns. It tests the defenses of a network against a persistent attacker.

External red teaming: Foregenix performs an external stealth network intrusion against the targeted organisation. Foregenix performs reconnaissance alongside traditional external attacks. Phishing and other social engineering methods are then employed, targeting key individuals within the organisation.

Assume compromise red teaming: This builds on the premise that, one way or another, you will be compromised and does not care about the root cause – for example, a user clicking a link, browsing a website or installing a program on their computer from a dubious source.


Purple Teaming

Purple teaming is a collaborative exercise between Foregenix and the client. Foregenix performs a set of TTPs from our Red Teaming methodology in an environment that is fully controlled and monitored by a defensive team. The defensive team can be fully manned by the client or contain analysts from Foregenix’s Threat Intel and Forensics practice.
The goal of this service is to help the client identify gaps in monitoring controls and model adversarial activities in its internal defensive toolset. This enhances internal capabilities and heightens the internal security of an organisation.
The final deliverable of the Purple Teaming offering is the Playbook that was executed against the monitored infrastructure.


A typical workflow is as follows:

Playbook creation: The list of tests to be executed is agreed upon between Foregenix and the client. This is based on customer needs but can also take into consideration the overall industry the client is operating in and threat actors targeting that industry.

Playbook modelling: Foregenix models the tests and the client’s environment in its internal toolset. Any additional tests that are part of the defined Playbook are developed in this stage.

Playbook execution: The defined tests are executed in the monitored environment.

Gap identification: Any gaps in monitoring are identified. Foregenix can aid in guiding corrective actions as well as providing specialised Threat Intel and Forensics Analysts who can work alongside the client’s security team.

