Design & Implementation of a Red Team Program

 

Results

 

Advanced Persistent Threat Missions (24x7x365) Annually

Annual Sustainment Costs

Average of Unique Vulnerabilities Identified Per Month

Offensive Security Missions per year

Total Time in Months to Design & Implement

Challenge

The client requested assistance in taking their current Penetration Testing Program to the next level. A quick assessment of their Penetration Testing Program revealed many gaps in their People, Processes and Technologies. The recommendation was to transform their current Penetration Testing Program into a Red Team Program.

Context / Action

Once customer leadership approved the recommendation to transform their current Penetration Testing Program into a Red Team Program, we went to work. We designed and implemented a Red Team Program (People, Processes and Technologies) that was authorized and organized to emulate a potential adversary’s exploitation and attack capabilities against a targeted mission or capability. In DoD, in accordance with Chairman of the Joint Chiefs of Staff Directives, Red Teams operate to identify exposed information and vulnerabilities of the target’s security posture; support information assurance readiness; create a degraded, disrupted, or denied cyber environment; participate in evaluation of Computer Network Defense Service Providers (CNDSPs) and their subscribers; and provide Protect Services for CNDSPs.

Before we could take their program to the next level, we had to build a solid foundation of a Penetration Testing program as the first phase. Being able to perform penetration testing well lays out the building blocks for transformation into a Red Team.

In building this foundation, we outlined Tactics, Techniques and Procedures (TTPs) drawn from various industry frameworks: Open Source Security Testing Methodology Manual (OSSTMM), Social Engineering, Wireless Hacking, Physical Penetration Testing, Open Web Application Security Project (OWASP), EC-Council’s Certified Ethical Hacker, Information Systems Security Assessment Framework (ISSAF), Penetration Testing Framework, NIST 800-115, Penetration Testing Execution Standard, PCI Penetration Testing Guide and others.

Once the penetration testing people were aligned with the new processes and technologies, we reached out to the Army’s Computer Defense Assistance Program (CDAP), Army Regulation 380-53, to become an Army Certified Penetration Testing organization. This certification allowed the customer to be recognized as an Army Penetration Testing organization responsible for a specific area of responsibility within the USA. Having a specific area of responsibility enabled the customer to offer their services at the Enterprise Level. Leveraging this new certification, the customer was able to offer their services to any Army or non-Army customer within their new area of responsibility.

In the next phase, we coordinated with an external organization, the NSA, to identify what was needed to achieve the NSA Cyber Red Team Certification and Accreditation. We morphed the client’s existing Penetration Testing TTPs into Red Team TTPs. This path allowed us to identify and adopt many Nation State and Hacker TTPs into our program and build out our Cyber Playbook.

A major gap identified with true Red Teaming is the ability to discover zero-day vulnerabilities, develop tools and weaponize exploits. This advanced capability was later designed and implemented into the customer’s program, which revolutionized their Red Team. They later received accolades for being the first DoD organization to possess those advanced Red Team capabilities.

Are You A Government Contracting Company?

We are a Minority and Veteran-Owned Small Business, and we are always happy to take on Joint Venture Partnerships with other Government Contracting Companies. Let's Talk!

Are You A Government Civilian or Military Leader? 

As a former Government, GS-15, Civilian, United States Marine and Pentagon's Security Architect, I understand the struggles of protecting Web Applications within vast Enterprise Architectures. Let's Talk!

3 Steps to Better Protections, Better Solutions & Better Sleep

1. Schedule A Call

If you have a Government Web Application (Website) that you NEED protecting, then schedule a call. It is free and in place so that we can better understand your mission and goals.

2. Get Your Plan

During your call, we will talk about your current situation, your desired situation, and whether or not we are a good fit to work together. If we do work together, we will tell you how we can best protect your web application.

3. Protect Your Mission

Move forward with your mission and sleep easy by knowing that light will soon illuminate your Cyber world!
