Red Teaming concept in HLS Originally, the phrase Red Team (RT) comes from the military war gaming, where by a team of "opposition force" acting as a counter force to the regular troops (blue team) at training or routine operational, in order to test the "blue team" performance.
In HLS, it is common to define the RT as a group of penetration testers that assess the security of an organization, which is often unaware of the existence of the team or the exact assignment. Red teams provide a more realistic picture of the security readiness than exercises, role playing, or announced assessments. Red team may trigger active controls and countermeasures in effect within a given operational environment. Physical testing
description:
•
Access – includes attempts
to physically gain (unauthorized) access into key locations.
• Dumpster Diving – attempt to obtain sensitive information through
methods such as dumpster diving or other
means of obtaining sensitive information located outside the facility.
• Surveillance and mapping of vulnerabilities.
• Computers and terminals hardening (physically).
• Cover story preparation, accessorizing and practice.
• Remote and social attacks of CCTV, alarm, power and environmental
systems.
At Focus HLS, we took it one step further. In our concept, red teaming is a mindset which completes the third segment of the Quality Assurance, together with the Internal Control and Audit. The RT outcomes are analyzed periodically (quarterly and yearly) and should be used in all three levels:
· Operation field managers
· organization Headquarter
· Comprehensive RT drills Ending with a comprehensive full scale exercise involving all forces and communities in the vicinity. All drills are planned and executed in accordance with the customer needs and conducted under severe safety measures. Focus HLS has developed a variety of exercises starting with a table top drill and ending with a comprehensive full scale exercise involving all forces and communities in the vicinity. All drills are planned and executed in accordance with the customer needs and conducted under severe safety measures. We provide you with an independent capability to continuously challenge plans, operations, concepts, and technologies in an operational environment perspective and from the adversaries point of view. Focus HLS red teaming experts are highly experienced and holding the know-how in a verity security fields such as: aviation, maritime, installations, data protection, VIP's, event protection, private facilities and more.
Our RT methodology can be executed by Focus HLS team and/or be taught by us to your RT leaders (train the trainers).
Implementing Focus HLS RT methodology into your organization, will provide you with a perspective that enables and encourages threat oriented solutions.
The benefits of our RT methodology:
· Improving security preparedness by making it more efficient and effective.
· Optimize your resources, cost effective and shows return on your investment (ROI).
· Creating a "predator mindset" among the security personnel and developing security awareness environment within the organization.
· provides the management with a measurable tool that help decision making at tactical level as well as strategic level.
Example of RT drill process:
One role player and one concealment can present in a relatively short time what a thousand words of a written report will not do |
A-Z QA process:
In this Integrated threat oriented quality assurance methodology, the comprehensive The process is conducted in collaboration with the client and performed by Focus HLS team of experts as follows.
|
|
In-house QA implementation
In this method Focus HLS will provide the client with professional tools to conduct its own quality assurance activities as follows.
|
|
Focus HLS enables you to examine your systems as they are observed by the eyes of the opponent. |
|