Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation.
The key to a successful engagement is well-coordinated planning and communication through all parties involved. This room will focus on various components of a red team engagement and planning and documenting a campaign for a red team engagement.
Red team engagements come in many varieties; including,
Tabletop exercisesAdversary emulationPhysical assessment
Understand components and functions of a red team engagement.Learn how to properly plan an engagement based of needs and resources available and TTPs.Understand how to write engagement documentation in accordance to client objectives.
This room requires no prerequisite information or knowledge.
Engagements can be very complex and bureaucratic. The key to a successful engagement is clearly defined client objectives or goals. Client objectives should be discussed between the client and red team to create a mutual understanding between both parties of what is expected and provided. Set objectives are the basis for the rest of the engagement documentation and planning.
Without clear and concrete objectives and expectations, you are preparing for a very unstructured and unplanned campaign. Objectives set the tone for the rest of the engagement.
When assessing a client’s objectives and planning the engagement details, you will often need to decide how focused the assessment is.
Engagements can be categorized between a general internal/network penetration test or a focused adversary emulation. A focused adversary emulation will define a specific APT or group to emulate within an engagement. This will typically be determined based on groups that target the company’s particular industries,