Red Team Engagements

It is said that attackers only need to get it right once, but defenders must prepare for every possible vulnerability across the entire infrastructure. That is why a penetration test or vulnerability scan alone cannot properly defend a target.

At Devious Plan, our approach to Red Team Engagements is based on standardized methodologies from OWASP and other sources to ensure comprehensive coverage of your infrastructure. This helps find security flaws not found by Static and Dynamic Analysis tools or standard vulnerability scans and penetration tests. To achieve reliable, consistent, and repeatable results, our methods are based upon the principles of engineering and science.

Because we use Tactics, Techniques, and Procedures (TTPs) to simulate a real threat actor, clients can clearly see their defensive capabilities in detection and response.

At the core of our team's capabilities lies an extensive collection of advanced tools and frameworks. These resources, when used in a manual engagement, act as a force multiplier that enables us to simulate real-world attacks, thoroughly assess defense mechanisms, and provide accurate risk assessments to our clients.

We communicate at every stage of the engagement, from a clearly defined scope and objectives that match your needs, through campaign planning, the Concept of Operations (CONOPS), and the Mission Plan, to the final report and presentation.

Our process starts with a clear Scope and Rules of Engagement (RoE) definition that you and Devious Plan agree upon. This includes specifying the systems, networks, applications, and physical locations that are within the scope of the exercise. It also outlines the rules of engagement, which typically include constraints to avoid damaging critical systems and data. Deliverables include a document confirming the scope, RoE, and CONOPS. This phase also includes the appropriate Non-Disclosure Agreement.

The next phase includes reconnaissance of in-scope targets using Open-Source Intelligence (OSINT) techniques. This can involve passive techniques or active techniques such as social engineering to understand the organization's infrastructure and potential weak points.

The attack phase attempts to breach your defenses while trying to remain undetected. If successful, we attempt to pivot to other locations and escalate privileges. If in scope, we attempt to exfiltrate data.

We wrap up with the reporting and debriefing phases, where we share all knowledge gathered about weaknesses and strengths.

In addition, we strongly recommend follow-up training for your team that focuses on the weaknesses found. See the Training section for details.