5 steps to a successful red team engagement

You want red team pen testers to find the vulnerabilities attackers are most likely to use. Here's how.

Red team  >  Hackers coordinate an attack.
Gorodenkoff / Getty Images

I’m a huge fan of red teams, but they are often so good at what they do that they lose sight of their primary mission: to help the organization reduce cybersecurity risk.

Red teams are employees or contractors who hack into an organization’s computer assets to reveal weaknesses in defenses. In my over 30-year career, the most enjoyable part was when I was being paid to break into someone’s network. I don’t do it now, although I keep my hands slightly wet by creating realistic hacking demos for my presentations. I always worried that I might not be able to do it, but I was always able to break into every place I was paid to. Hacking is relatively easy once you know what tools and techniques to use. Everyone thinks hackers are uber geniuses, but it’s more like being a skilled plumber or electrician.

Every organization should have regular red teaming done against its environment and applications/services/sites. How often is up to the organization, but anything less than once or twice a year borders on negligence. If you don’t do it at all, you are likely to have multiple vulnerabilities that you are not aware of.

The red team needs to be ethical and professional, and it needs to document and communicate all found vulnerabilities. Here’s my advice for a successful red team engagement.

1. Red teams should report all critical findings to top-line management

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.