Almost all organizations with a digital presence, from the very large to the small, use preventive security controls to protect their digital assets and infrastructure. There is no end of solutions and services that claim to protect an organization from cyber attacks.

The conventional approach to combating the modern cyber threat landscape is turning irrational; it is like asking a student who has been taught ‘1+1=2’ to solve the Riemann Hypothesis. Attackers these days easily mask their activities behind the everyday user. Sufficient funding helps a cybercriminal penetrate the defences of your organisation, browse the shortcomings, and wait for the perfect opportunity to strike, because they are never short on time. Application whitelisting and sandboxes are now impotent against file-less malware attacks.

Threat Hunting & Intelligence – From the Eyes of a Deepweb/Darknet Analyst

The IoCs (indicators of compromise) they detect and capitalise on are way beyond the reach of your firewall, SIEM, IPS, anti-virus or any other automated security technology. Right now, while you are going through this document, it is very much possible that you or your organisation have already been breached and are completely unaware. Put simply, it takes almost 164–200 days for an organisation to realise that the damage has already been done.

It’s high time you upgraded your Security Operations to the next level. It is time you prepared yourselves against the persistent, furtive attacks that current SIEM technologies fail to detect and that are only discovered by the best and most expensive analysts in the business.

What we offer

While offering our services, we have already factored in the following scenarios for the organization:

  • They have established guidelines to protect their digital information.
  • Common firewalls, IDS/IPS, WAF, anti-virus, secured applications & databases are in place.
  • They go for typical VA/PT exercises at prescribed intervals.
  • Human resources are there to manage the above.

With the above assumptions, we offer:

  • Deepweb/Darknet data breach assessment.
  • Threat Intelligence for an organisation, irrespective of its business, size or location, in IT, OT (Operational Technology) & IIoT (Industrial Internet of Things) environments.
  • External Cyber Threat Assessment.
  • Internal Cyber Threat Assessment – yes, approx. 60% of security incidents happen due to internal employees.
  • Anti-Ransomware Solution – Ransomware Operations monitoring.
  • Evidence of IoCs (Indicators of Compromise) and actionable items to mitigate & neutralise them, before this becomes available to others.

How we offer it

  • We work with very basic steps following the standard guidelines of OSINT (Open Source Intelligence), IMINT (Imagery Intelligence), SOCMINT (Social Media Intelligence) and Digital HUMINT (Human Intelligence).
  • This gets correlated with P.P.T (People, Process & Technology) & TTPs (Tactics, Techniques & Procedures) in our custom-built Engine. While we understand that Technology & Process are common to all, the differentiator we have is “People”.
  • We believe that one solution does not fit all: every organization has a different setup and different business objectives. Hence the solution rendered will be a custom one.

What is an Organization’s Current Defensible Position

The Red-Team Assessment will evaluate and test your organization’s defenses using real-world attack scenarios to more accurately gauge & address your Cyber Risk. Our advanced Red Team service can help you understand the adversaries and the tactics that cyber-criminals will use to penetrate your organization’s defenses.

What is Modular Red Team Assessment?

Modular Red Team is an industry-leading, intelligence-based capability for hands-on security assessment to help identify and provide greater visibility into Cyber Operational threats. It will help ensure your business processes and systems meet their mission objectives when challenged by Advanced Persistent Threats (APTs) or any digital data disasters such as ransomware.

Contains proprietary information, intended for named recipients. Unauthorized copying prohibited. Red Team Brochure – Fool Proof Methodology for Proactive Cyber Security

The assessment will have a multi-disciplinary team that utilizes “all source” intelligence capabilities to support an exhaustive testing strategy. Once the organization is profiled, attack vectors are identified and strategies are devised to implement sophisticated attacks, including spear phishing, watering hole, malware and social engineering.

Typical Cyber Security concerns/questions addressed by this Assessment

  • Will my organization’s existing combination of security controls protect against a sophisticated Cyber Attack in practice?
  • Do the existing risk assessments, budgets, and IT initiatives appropriately reflect the Cyber Security risks facing my organization?
  • Can my organization’s cyber perimeter be breached due to security issues at foreign subsidiaries?
  • What information can office visitors, contractors and employees find on the corporate network?

Red Team Primary Differentiators

The Red Team Assessment Framework offers the following:

  • Provides the ability to test the effectiveness of your Digital Forensics & Incident Response (IR) capabilities.
  • Measures the resilience of your organization’s defensive posture.
  • Provides access to good quality Threat Intelligence on your organization that has been vetted by our professionals.
  • Provides visibility into your organization’s exposure to information harvesting by examining its digital footprint.
  • Provides knowledge & early warning signs to help your organization harden its business systems so that they better resist an active attack.
  • Provides a practical training opportunity for your Cyber Defense team.
  • Simulates a more realistic Threat environment to better tune your Security Information and Event Management (SIEM) and Intrusion Detection/Prevention System (IDS/IPS).

Scope of Red Team Exercise

The scope of the Red Team exercise with probable time frame:

 

Phase 1 (5 Working Days)

  1. Passive Information Gathering
  2. Open bucket / API identification / security assessment
  3. Fictitious Website / Lookalike Domain Identification
  4. Deep & Dark web assessment for breached data
  5. Digital media scraping for Senior Management Info

Phase 2 (5 Working Days)

  6. IP reputation identification
  7. Identification of Shadow-IT web application
  8. Shadow-IT Assessment with Metadata Analysis
  9. Assessment of “Banner Data Leakage”
  10. Assessment of malicious web applications / BOTS / backdoors in the identified IP range
  11. Perimeter breach assessment
  12. Analysis of public/private paste sites

Phase 3 (5 Working Days)

  13. I2P Data breach assessment
  14. Identification of any data exposed unintentionally to the internet
  15. Subdomain takeover assessment
  16. Unintentional Search-Engine exposure assessment
  17. Custom Malware protection effectivity assessment
  18. Spear Phishing attack

Phase 4 (5 Working Days, Optional)

  19. Antivirus Evasion Testing (Physical – Client Site)
  20. DLP Hardening Test / Bypassing DLP
  21. Testing insider attack Vector
  22. Analysis of Threat IOC inside the network
  23. Custom Malware protection effectivity assessment

 

Red Team Exercise - Why it’s beyond Penetration Testing

 

| Range of Services | Penetration Testing (PT) | Red Team Assessment (RTA) |
|---|---|---|
| Vulnerability scanning | Y | Y |
| Customized scripts & applied intelligence | Y | Y |
| Social engineering | N | Y |
| Cyber scenario testing (table top & hands-on) | N | Y |
| Breach via third party analysis | N | Y |
| Metadata scan, sensitive data web search | N | Y |
| Dark web search | N | Y |
| Insider threat simulation | Y | Y |
| VOIP / Telephony attack | N | Y |