Red Teaming is the process of using tactics, techniques, and procedures (TTPs) to emulate real-world threats in order to train and measure the effectiveness of the people, processes, and technology used to defend environments. Built on the fundamentals of penetration testing, Red Teaming uses a comprehensive approach to gain insight into an organization's overall security in order to test its ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities significantly improve an organization's security controls, hone its defensive capabilities, and measure the effectiveness of its security operations.
The Red Team concept requires a different approach from a typical security test and relies heavily on well-defined TTPs, which are critical to successfully emulate a realistic threat or adversary. Red Team results exceed a typical list of penetration test vulnerabilities, provide a deeper understanding of how an organization would perform against an actual threat, and identify where security strengths and weaknesses exist.
Whether you support a defensive or offensive role in security, understanding how Red Teams can be used to improve security is extremely valuable. Organizations spend a great deal of time and money on the security of their systems, and it is critical to have professionals who can effectively and efficiently operate those systems. SEC564 will provide you with the skills to manage and operate a Red Team, conduct Red Team engagements, and understand the role of a Red Team and its importance in security testing. This two-day course will explore Red Team concepts in-depth, provide the fundamentals of threat emulation, and help you reinforce your organization's security posture.
- Make the best use of a Red Team and apply it to measure and understand an organization's security defenses
- Learn what Red Teaming is and how it differs from other security testing engagements
- Understand the unique view of the offensive security field of Red Teaming and the concepts, principles, and guidelines critical to its success
- Design and create threat-specific goals to measure and train organizational defenders (CND/Blue Teams)
- Learn to use the "Get In, Stay In, and Act" methodology to achieve operational impacts
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.