Common Objections and Rationalisations:

  • “Our production systems are completely isolated from outside access.”

  • “Our system is secure because it would be impossible for an outsider to understand it.”

  • “We’re not a likely target. We’re not important or interesting enough to attract hackers.”

  • “We’ve never had a problem. There has been no intrusion or disruption in our production network.”

  • “It hasn’t happened yet, so it seems unlikely. I don’t think it will happen.”

  • “We can’t justify the expense and manpower.”

Being Vulnerable is not your fault. Staying vulnerable definitely is...

Cyber Security is much more than a matter of IT...

Passwords are like underwear: Don’t let people see it, Don't leave them lying around and Change them regularly...

It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it..

Technology trust is a good thing, but control is a better one...

No technology that’s connected to the Internet is unhackable.

Social engineering bypasses all technologies, including firewalls.

Phishing is a major problem because there really is no patch for human stupidity.

If you think you know-it-all about cybersecurity, this discipline was probably ill-explained to you.

My message to companies that think they haven’t been attacked is: ‘You’re not looking hard enough.’

Never underestimate the determination of a kid who is time-rich and cash-poor.

Time is what determines security. With enough time nothing is unhackable.

Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.


How a Red Team Operates

Red teaming is an attack technique used in cyber security to test how an organisation would respond to a genuine cyber attack. It is done through an Ethical Hacking team or similar offensive security team.


The red team that simulates the attack is often an independent cyber security provider, while the organisation's defensive cyber security capability is known as the blue team. The blue team aren't given warning of the exercise so that the organisation receiving the red teaming gains a realistic measure of its ability to respond to a genuine cyber attack.

What is a Red Team?

A red team is a form of penetration test (pentest) that has a very different set of goals to the more traditional pentest. While a typical pentest focuses on finding vulnerabilities and potentially exploiting them within a predefined set of company systems, a red team is target-driven and seeks to gain access to predetermined objectives by exploiting relevant weaknesses anywhere within an organisation. It does not seek to provide an exhaustive list of vulnerabilities present.


The value of a red team is in simulating how an organisation could be targeted in a real world attack and testing how the blue team responds to such an attack. The tactics, techniques and procedures (TTPs) of a red team are modelled on real-world malicious threat actors, with the goal of highlighting gaps in the security response.

Red teaming, however, does not exclusively require the existence of a blue team.

  • Red Teaming

  • Blue Teaming

  • Purple Teaming

The lack of notice is what distinguishes red teaming from pen testing. Blue teams are often purposely left in the dark during these evaluations. The goal of this is to force the blue team to respond as if it were an actual attack, providing a more accurate assessment.

Red Team results

The test can last anywhere from weeks to months, but at the end the results are collated and a workshop is run with the blue team. The complexity of this workshop depends on the target. It can be:

  • a high level summary of where they performed well and where they can improve;

  • a technical review of each attack and counterattack between the two teams; or

  • a set-up for a larger “find and fix” project the company wants to launch on the back of the red team.


Red teams offer a means of measuring response to specific scenarios as business operations change. For example, the unattended laptop scenario has changed, due to the dramatic shift to remote working in the pandemic, to a shared remote environment, which has a different risk profile and different possible attack paths. Red teams are ideal for companies that are keen to assess how good they are at preventing, detecting and responding to real-world cyber attacks.
