Dragonfly Red Teaming programs simulate real world attacks to measure how well an organisation can withstand cyber threats and malicious actors. Beyond security controls, engagements also assess the effectiveness of monitoring and alerting capabilities while highlighting potential weaknesses in established incident response processes.
The Dragonfly Red Team is a comprised of highly skilled security consultants that utilise tools and techniques outlined in this statement of work to evade detection and test the defence readiness of your organisation.
2
Why conduct a Red Team exercise?
Reduce Risk – Uncover attack vectors that could be exploited by malicious actors and implement remediations
Insight – Assess your organisations ability to detect, prevent and respond to cyber attacks
Brand Protection& Reputation – Real world simulations enhance protection of your critical systems and data and demonstrate commitment to security across your organisations value chain
3
Our Approach
Reconnaissance – Gather intelligence and information on target organisation to identify publicly available data, potential vulnerabilities, and targets.
Exploitation – The objective is to gain access to the environment through social engineering capabilities, vulnerabilities or exploits and establish an initial foothold into the environment to enable a persistent online channel for undetected external access.
Control – After establishing an initial foot hold the purpose of the control phase is to escalate our privileges to enable lateral movement within the environment with the goal to exfiltrate data.
Analysis – Following the completion of the testing phases the analysis phase focuses on producing a detailed report with synopsis on failed detection capabilities, recommended remediations and action plan.
We partner with leading security, cloud, and network vendors
Proven partner ecosystem to provide your business with options and flexibility.