Joe Gray, Senior OSINT Specialist at QOMPLX was interviewed by Ericka Chickowski on the role of red team exercises as part of 12 Hot Takes on How Red Teaming Takes Pen Testing to the Next Level.
The merits and flaws of pen testing are hotly debated. Pen testing is often restricted by equipment and rules of engagement; a pen test may not give the full picture. Red teaming is supposed to fill in those gaps, and provide a comprehensive view of a security situation.
“Organizations with an operational and tuned SOC can use such engagements to help identify flaws in processes and logic as opposed to software and hardware. More advanced techniques such as data exfiltration, establishing command and control (C2), and evading detection are more commonplace in red teaming than in penetration testing. Unlike a penetration test, red team engagements may last weeks or months as opposed to days or a couple of weeks,” says Joe Gray.
Other interviewees spoke on tactical vs. symptomatic issues, the benefits of having long-term red teams, and the interaction between pen testing and red teaming, among other topics.
Read the full article at Security Boulevard.