Skip to content

Latest commit

 

History

History
37 lines (25 loc) · 1.35 KB

red-teaming.md

File metadata and controls

37 lines (25 loc) · 1.35 KB
Raw
description
11/21/2022

💯 Red Teaming

What is Red Teaming?

  • Red Teaming is the process of using tactics, techniques, and procedures (TTPs) to emulate a real-world threat
  • The goal is to measure the effectiveness of the people, processes, and technologies that come together to defend an environment

"Red teams are meant to provide an adversarial perspective by challenging initial assumptions that are made by organizations and defenders."

Operations Security (OPSEC)

  • A term originating from the United States military and adopted by the information security community
  • Generally speaking, it's how easily actions can be observed by hostile intelligence

Primum non nocere?

  • This is a Latin phrase that translates to "first, do no harm" in English
  • As Security professionals, we don't want to harm or weaken the security of our clients right?
  • We are here to improve their security

Attack Lifecycle: Lockheed Martin's "Cyber Kill Chain"

  • This is a framework that describes each phase an attacker must go through to compromise a target
  1. Reconnaissance
  2. Weaponize
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command & Control (C2)
  7. Actions & Objectives