“Whereas a penetration test might be limited to a phishing attack or credential spraying to find vulnerabilities, the red team engagement will use that as the starting point, and then see how far they can go inside the client network, with very little time restrictions.

“Oftentimes red teams will find gaps in visibility or a broken internal process that allow lateral movement or access to sensitive data. It also provides a great opportunity for the SoC and IR processes as they triage alerts or hunt on indicators caused by the red team.”

Justin Elze, Director Of Research And Advanced Testing, TrustedSec