• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Are you RedTeam secure?

April 22, 2016 by Ryan Manship

are you red team secure?

Copyright: 123rf/ Sergey Khakimullin

The following is a guest post by a 2016 Secure360 Twin Cities Gold Sponsor RedTeam Security. 

Take a moment to consider:

You and your organization have taken significant steps towards improving the security posture of your company. Perhaps you have purchased the latest next generation hardware/ software, you have your firewalls, your IDS and IPS, and even hung up your security awareness posters.

Now, you’re secure… right?

Some will think they are secure, others would be quick to point out the security controls not mentioned, and all the security professionals will insist they are still vulnerable.

The question remains, what do we do? Perhaps more importantly, what should your company do and do you need to do anything at all?

Attackers don’t care about your next-gen appliance, if you’re in the cloud, or the state of your firewalls. Attackers look for the easy way in, they most often seek the easiest target.

You, your organization, need to make informed decisions. Red Teaming enables organizations to make informed, prioritized, and business-wise decisions based on realistic and actionable evidence.

So, what is this “Red Teaming”?

Simply put: Red Teaming engagements are focused on your assets with the intent to identify, through a simulated multi-layered attack, how secure your assets are. Every Red Teaming engagement is scalable relative to your needs and the value of your assets.

The engagement starts with research and reconnaissance. Next, your facilities, your people, your network, and your applications will be tested. No attack vector is out of scope – just as you would expect from a real attacker. After some time, you receive a report which outlines the entire engagement, prioritizes the findings, and enables you to make those informed decisions on what to fix. Our holistic approach emulates the thought process of today’s adversaries.

When you attend “Are You RedTeam Secure?”, at Secure 360, you will:

  • Hear stories about actual Red Teaming engagements
  • Know who to choose when it is time for Red Teaming
  • Realize what is in scope for a Red Teaming engagement
  • Understand when you should conduct a Red Teaming engagement
  • Discover why Red Teaming makes sense for your organization
  • See how Red Teaming is done

How is Red Teaming different from other types of penetration testing?

Typical penetration tests are strongly scoped, often time boxed, and limit the discovery of vulnerabilities to the environment or assets being tested. Typical penetration tests result in an understanding of the security vulnerabilities in that specific scoped, subset, of your company’s security risk exposure.

Red Teaming is not limited to a subset of your organization and its assets. Just like real-world attackers; a Red Teaming engagement considers, and tests, all attack vectors. The result of a Red Teaming engagement is a comprehensive understanding of your company’s total security risk exposure.

Who is RedTeam Security?

We are a boutique penetration testing company refining offensive security.

It is our mission to partner with out clients in mutual collaboration to achieve an actionable understanding of each client’s unique security risk profile. We strive to ensure clear communication, deliver actionable results, enable vulnerability remediation, and conduct retesting at a reasonable and competitive cost.

Our core competencies include:

  • Red Teaming
    • Subvert Physical Security Controls, Social Engineering, Network Penetration Testing, & Application Penetration Testing
  • Network Penetration Testing
    • Internal & External
  • Application Penetration Testing
    • Web Applications, API’s, & Mobile
  • Social Engineering
    • Email Spear/Phishing
    • Telephone Spear/Phishing
    • Text Spear/Phishing
    • Physical Overt/Covert Social Engineering

Filed Under: Guest Posts

About Ryan Manship

Ryan Manship's responsibilities include managing a team of ethical hackers, security testing, and providing security guidance to customers. Previously, Manship led the application security program at Fair Isaac (FICO). His Bachelors of Science degree in information technology, from Minnesota State University Mankato (MNSU), focused on networking and security with minor studies in both philosophy and humanities. If you’re ever in the mood to get smoked in a game of Settlers of Catan, he’s your guy. Manship has appeared on ABC News, Business Insider, Tech Insider and has been quoted in Los Angeles Times, Bringmethenews and the Star Tribune. His certifications include CSF (Common Security Framework) and GSEC (GIAC Security Essentials Certification).

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 11 hours ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.