Red Teaming and Alternative Analysis

Red Teaming and Alternative Analysis

A Tiger Team is comprised of security experts who are engaged in either physical or virtual penetration of a client environment. The term is most commonly used in the IT security field, to refer to a a team of white-hat (also rendered as ethical) hackers whose work is to attempt to circumvent existing security measures in order to learn about client system’s vulnerabilities. Less known to the general public is the term’s use in military operations and physical penetration.

At the Chaos Group of Canada, we use F3EAD (Find, Fix, Finish, Exploit, Analyze, and Disseminate), a Special Operations Forces-pioneered methodology used for contingency operations oversees. The key feature of F3EAD is a symbiotic relationship between intelligence and operations. In F3EAD, the mission directs the intelligence effort, and in turn, intelligence feeds operations with the information that is needed to accomplish the mission. This allows the mission to execute its tasks before the enemy has time to react.

When it comes to cyber defence, F3EAD can be applied to incorporate intelligence practices into the daily operations of a security office. Networks are secured through employing investigators, forensic experts and carefully-designed information sharing practices. Through this process, intelligence is always ready to become evidence and provides real-time leads to a threat actor. This approach is all-encompassing and provides a 360-degree view of potential threat.

Our process starts with the pre-engagement interactions, where we discuss the goals, the scope and the rules of engagement, as well as the timing of the test. We will cover the legalities for your jurisdiction and the communication channels used throughout the project. The interactions are then compiled into a Permission to Test document.

Our industry-certified penetration experts then study your environment in a process known as reconnaissance. Various techniques, such as footprinting, open source and human intelligence and covert gathering may be used at this stage.

During the next process, threat modeling, we make an inventory of the assets you are trying to protect and map it against known threats. We then conduct vulnerability testing by discovering loopholes in your security systems.The result of the test should give us an entry point through which the access to the systems is established. The attack usually focuses on the systems which are most critical and/or those generating more revenue (thus the attack of such system would result in most revenue loss).

The next steps are usually stipulated in the Rules of Engagement document, and can include infrastructure analysis, pillaging, data exfiltration, target profiling, depending on the needs of your organization.

Contact us today at 416-915-4238 to discuss our penetration testing in more detail.

Threat Risk Assessment

Vulnerability scanning

Application pen testing

Infrastructure Pen Testing

RF & Wireless Attacks

Social Engineering & Phishing attacks

Physical Penetration testing

Think Security Now