A Red Team audit is meant to simulate a real attack in order to test the global security level of the information system and the awareness of the employees. The objective is to demonstrate the potential consequences of an attack, and to test the reactivity of the defense teams.
It differs from a penetration test because it doesn't limit itself to listing vulnerabilities on a delimited perimeter.
The Red Team audit can be seen as a combination of attack scenarios and objectives to accomplish. They are jointly defined by AlgoSecure and the customer, according to the activity sector and the identified risks. A few examples are:
Only a few of the customer's employees are informed of this audit, and it's generally done over a relatively long period, typically a few months, so the customer cannot predict when the different scenarios will be accomplished, and therefore challenge the security in real-life conditions.
We point out the importance of making the perimeter as large as possible: in real-life situation, an attacker doesn't have any limit, and the Red Team audits are there in order to replicate a real-life attack, without the negative consequences it would have. That said, we always respect the defined perimeter according to your conditions, and use all or part of the methods lsited before, based on the time constraints defined by you.
The recon phase is a lot bigger than in a regular audit. The reason being that we don't just map out the computer resources and information system, but also identify the workers we could compromise later during the audit.
For this, we conduct multiple operations with the goal of:
This stage amounts to an external audit and a web application audit.
This stage can have multiple objectives. On one hand, we can test the welcome process for outsiders and see whether it's possible to access restricted areas by using the employees' lack of awareness. On the other hand, we'll try to set up a device on the internal network in order to get a remote access to the network, and initiate the next stage without needing to physically stay in the office.
There are multiples means to this end:
If we managed to connect a device on your network to get remote access, this stage amounts to a internal network security audit (LAN).
We audit your internal network to show you what an attacker might have access to.
Specialists in information security and pentest in Lyon, Paris, Saint-Etienne and throughout France
You've enabled "Do Not Track" in your browser, we respect that choice and don't track your visit on our website.