• Back


QOMPLX OSINT Expert Joe Gray Quoted on Red Teaming

Joe Gray, Senior OSINT Specialist at QOMPLX was interviewed by Ericka Chickowski on the role of red team exercises  as part of 12 Hot Takes on How Red Teaming Takes Pen Testing to the Next Level.

The merits and flaws of pen testing are hotly debated. Pen testing is often restricted by equipment and rules of engagement; a pen test may not give the full picture. Red teaming is supposed to fill in those gaps, and provide a comprehensive view of a security situation.

“Organizations with an operational and tuned SOC can use such engagements to help identify flaws in processes and logic as opposed to software and hardware. More advanced techniques such as data exfiltration, establishing command and control (C2), and evading detection are more commonplace in red teaming than in penetration testing. Unlike a penetration test, red team engagements may last weeks or months as opposed to days or a couple of weeks,” says Joe Gray.

Other interviewees spoke on tactical vs. symptomatic issues, the benefits of having long-term red teams, and the interaction between pen testing and red teaming, among other topics.

Read the full article at Security Boulevard.

More News

Card image cap
Ex-Military Cyber Experts To Take Game-Changing $1.5 Billion Startup Public

Published Jul 20, 2021

Card image cap
QOMPLX Reboots Punkspider

Published Jul 20, 2021

Card image cap
BLOOMBERG RADIO Jason Crabtree Interviewed by Paul Sweeney and Matt Miller

Published Jul 14, 2021

Card image cap
Fathom and QOMPLX partner to bring flood models to Q:HELM

Published Jun 24, 2021