Pen test: “Here are your issues.”
Red team: “Here's how we almost emptied the vault while you watched Netflix.”
Red Sentry's Valentina Flores and Max Turner break down the difference, the guardrails, and the one signal that tells you your org is mature enough to hire a red team. Hint: it is not the size of your budget.
Check out the full episode → https://lnkd.in/et35cxpe?
Generally speaking, you don't really want to consider a red team until you've gone through a couple rounds of pen testing, because a red team is not gonna give you a list of problems to solve. Red teams are more like a no-holds-barred pitting of your security team versus a red team of professional, malicious, ethical actors. And you know, instead of giving you back a list of problems that need to be fixed, a red team is going to quietly attempt to accomplish a customized list of objectives without being detected or stopped by the blue team or you. We say all the time that in pentesting, we're trying to mimic real-world attacks more and more. Red teaming is even farther down that lane. It's even closer to a real attack. We just have permission, like we are hacking into companies. It's just with permission. And we hand you a report afterward. And those are really the only two differences, I guess. Also, in terms of guardrails, obviously we're not gonna go in and break everything, we're just gonna show you how it could be broken.
Love these short videos, very educational and engaging