Red team assessments is a simulated attack with narrowed objectives. The red team utilizes cyber, social and physical weaknesses to achieve their target objective. The goal is to test the organization’s detection and response capabilities.
Red teaming is typically employed by organizations with mature security postures. They already perform regular penetration tests and automated vulnerability scans. The red team acts like a real adversary. During the assessment the effectiveness of internal security processes will be verified. This helps identify and verify security weaknesses. Furthermore, by emulating such an attack the readiness of the internal security, blue team, can be improved.
The terminology was originally coined by the US Department of Defence. The adversary is referred to as red. The owner of the challenged activity is designated blue.
Red Teaming is the art of applying independent structured critical thinking and culturally sensitised alternative thinking from a variety of perspectives, to challenge assumptions and fully explore alternative outcomes, in order to reduce risks and increase opportunities.