In the event of a security incident, our Rapid Response Force is available 24/7.
A Redteam exercise is a realistic assessment of a company’s level of security, enabling us to measure the effectiveness of processes, employee and supplier awareness, the robustness of exposed assets, the physical security of buildings, the robustness of the internal network and our customers’ detection & response abilities.
11 days
Cyber attackers remain in corporate networks for an average of 11 days after penetrating a target network, before being detected.
ZDNET 2021
Over several months, our Redteam develops the most realistic attack methodology possible. Overcoming the usual limits of penetration tests in terms of partitioning the perimeter, our Redteamers will test the various possibilities for entering the customer’s network: via a vulnerability on an exposed asset, via a targeted phishing e-mail, via the physical deposition of an implant on the network, via social engineering… any means are good enough!
Our R&D team is constantly developing sophisticated tools and feeding our Redteamers with ever more innovative intrusion, obfuscation and propagation techniques.
A trophy/objective approach
A goal-based approach that determines a compromise path rather than a vulnerability count.
The end of the exercise can be determined by achieving one or more trophies, or by the end of the attack window.
A global approach
All of a company’s assets can be included in the redteam exercise: IT on prem, IT cloud, OT, buildings, people….
A list of exceptions can be drawn up with our customers to take account of their constraints.
A discreet mode then “Assume Breach”
Our team is working to develop the tools and techniques needed to ensure maximum discretion, in order to best test the resources deployed by the Blue Team. If necessary, we switch to “assume breach” mode during the exercise, and can even switch to a Purple Team.
Like a group of real attackers, an advanced cyber-attack requires a variety of skills. Our team is made up of members from diverse backgrounds, ensuring excellence in all areas: application intrusion, network intrusion, social engineering, inforensics, physical intrusion….
Our R&D team is constantly renewing the tools used during the Redteam: network implants, implants on workstations bypassing defense and detection systems, malicious attachments, malicious applications, vulnerabilities still unknown to the general public…
Made up of around 15 Redteamers, based in Paris, Rennes and Toulouse, our team supports our customers as closely as possible, and acts as a real partner over the long term.
Why should I choose a Redteam over a simple security test?
Redteam simulates real-life attacks in a more complex way, enabling an in-depth assessment of your infrastructure's resilience. It offers a realistic perspective on vulnerabilities, often missed in traditional testing.
How does a Redteam assignment work, and what are the stages in the process?
A Redteam mission involves detailed planning, simulation of realistic attacks, identification of vulnerabilities and delivery of a detailed report. The stages vary according to the specific needs of each customer.
Who is a Red Team primarily aimed at, and what is its added value?
Redteam is ideal for companies seeking a comprehensive assessment of their security posture. Its added value lies in the proactive detection of vulnerabilities, enabling targeted improvements to enhance security.
What's the difference between Blueteam and Redteam?
The Blue Team focuses on defense by implementing security measures, while the Redteam concentrates on simulated attack to identify vulnerabilities. Collaboration between these two teams promotes robust, scalable cybersecurity.
Our experts can provide you with ongoing support for your cyber issues. Do you have a question? You’ve come to the right place, and we’ll get back to you within 24 hours!