Cybersecurity RED TEAM

“Everybody has a plan until they get punched in the face.”
-Mike Tyson

Real-time, real-world, digital assault

Take a quick ride along with our Raxis Red Team to get an inside look at how a real cybersecurity red team assessment is done.

Raxis Attacks. Raxis Protects.

Red Team Assessment: A game that you’ll win every single time you play it. Blended attacks and concierge engagement come together to reveal your company’s actual attack surface.

Let’s work together

Many customers use our Red Team to test the effectiveness of their Blue Team. We’ll work closely with you to orchestrate a real-world cyberattack to ensure everyone is ready when the real attack happens.

Safe, blended attacks

While our Red Team’s real-world cyber-attack is highly effective at finding gaps in your armor, we take precautions to ensure your systems and data remain safe during this controlled simulation.

Interface with Raxis One

Your interface to your Red Team engagement is through our online customer management portal, Raxis One. Securely communicate with your Red Team or download your comprehensive report.

Physical security

In most of our Red Team assessments, physical security is deemed in scope to gain a full-inset view of every potential avenue of attack. We test physical security to ensure that intruders can’t gain access to your technology.

No holds barred

We’ll combine open source intelligence, dark web data, social engineering, our rock star pentesting team, and evasion techniques to safely test every aspect of your defense.

Experienced professionals

Raxis’ Red Team brings decades of clandestine experience to bear against your defenses. Certifications include the OSCP, OSWE, C|EH, GPEN, and many others.

Cybersecurity gamification helps you prepare for a real attack

Test the mettle of your best cybersecurity defenses against an arsenal of multi-faceted attacks from our elite Red Team.

f.a.q.

You have questions. We have answers.


Why Perform Red Teaming?

The Raxis Red Team provides an adversary simulation service and is called on to help organizations understand the effectiveness of their cybersecurity defenses. We’ll deploy our most experienced and accomplished team members to mount a real-world attack on both your physical facilities and business systems. Every company has vulnerabilities; the Raxis Red Team Assessment exposes them.

Our signature Red Team Assessment is a well-planned and well-orchestrated cyberattack. Our elite team of professional ethical hackers launches a customized, real-world attack, just like determined hackers would. We know from experience that our Red Team Assessments expose vulnerabilities that are less apparent during targeted penetration tests, so you can prepare yourself before real cyberthreats come knocking. A Raxis Red Team engagement identifies not only technology vulnerabilities but also business process gaps.

What if your company is looking for a real-world assessment but isn’t quite ready for an all-out attack? As always, Raxis works with you to develop a Red Team test that fits your company’s needs. Before testing begins, we work closely with your team to establish boundaries, assuring the Raxis Red Team deliverables align with your goals.

Should I wait to fix known issues before performing a Red Team test?

If you are running security upgrades that are almost complete, you may want to schedule your red team test for afterwards to test your changes. Usually, however, there’s no time like the present. If you have known issues that you haven’t corrected, it may be a budget issue. If so, a Raxis red team can give you the proof your management team needs to see that the changes are a high priority. Maybe you have been putting off changes that don’t seem that important . . . the complex, chained attacks in a Raxis Red Team show clearly how seemingly small vulnerabilities work together to give a hacker more access than you may realize.

What does it mean for a Red Team Assessment to be in a timebox?

While malicious hackers may have all the time in the world to attempt to break into your systems, our Red Team Assessments are scoped for a certain number of hours (the timebox). Our engagement ends with a report that clearly explains what Raxis accomplished during the time of your test and what you can do to make your environment more secure against a malicious hacker attempting the same things.

How often should I perform a Red Team Assessment?

This often depends on your industry and the specific needs of your company, but Raxis recommends at least an annual Red Team Assessment. Raxis also recommends that you follow up with a penetration test about 4-6 months after a Red Team to ensure any findings are properly remediated.

Is there a benefit to changing Red Team or Penetration Testing companies?

While we sometimes work with companies that follow this philosophy, we believe it is flawed. The idea is that different pentesters all have different backgrounds and different strengths, but not all pentesting companies are the same. Raxis pentesters have strong backgrounds and certifications, and they are always working together to learn and share current knowledge about new vulnerabilities and exploits. Not all of our competitors can say the same. We recommend that companies find a trusted pentesting company, such as Raxis, and trust them to perform strong tests year after year.

Is Red Teaming even legal? Do you ever break the law?

We do not break the law. Our contracts spell out what we are and aren’t allowed to do. For example, we will never damage or destroy our customers’ property. What we will do is demonstrate how a real hacker could — and show our customers so that they can take steps to prevent it. Even if most company employees don’t know what is going on, leadership does and has agreed to it.

Are there rules that Pentesters or Red Team Members follow?

Yes, and it’s all about system uptime and data integrity. Unlike the bad guys, our penetration tests stop short of real damage, and we always obscure the data we take for proof of access. We also stay within any parameters set by the customer, but we always push to the edge of that envelope.

My application is cloud hosted. How can you penetration test/Red Team a platform that is hosted in the cloud or by a third party?

Once scoped, we work directly with cloud providers to inform them of our activities. Raxis has completed numerous tests on Amazon AWS/EC2, Microsoft Azure, Google Cloud, Rackspace, and VMware cloud. We’ve worked with content delivery front ends such as Cloudflare and Akamai as well. No matter what the tech stack is, Raxis will find the best method possible for your pentest.

Why do you download and crack password hashes?

Unless otherwise requested, we crack passwords to determine the strength of the password policy and effectiveness of enforcement. We also may re-use passwords to pivot to other systems, which often results in a larger simulated data breach. Raxis uses high-strength encryption to protect the hash data both at rest and in motion. Once our password cracking is completed, we securely delete the password hashes and provide you with a summary including password strength, complexity, and analysis in a redacted pentest report. In a Red Team Assessment, password cracking is a key component in demonstrating a realistic attack.

Why use the Raxis team for your Red Team Assessment?

The Raxis Red Team is second to none at pinpointing real-world security risks by using the same tools and techniques as a malicious attacker. We’re all in the United States (with many of us based in Atlanta), most of us have at least 10 years of experience, and pentesting (a key component of Red Teaming) is our primary expertise. With so many technology defenses prevalent today, a pentester must understand every aspect of security and the latest techniques to bypass those many controls. The Raxis crew never stops learning the latest exploits, and we have a ton of fun sharing our knowledge. We don’t do checkbox security, and we never will.

Specifications


  • Red Team services are highly customizable, as every customer is unique
  • Powered by Raxis One, a secure web interface for all Raxis services
  • Fully capable of working with cloud providers and content delivery networks such as Amazon AWS, Microsoft Azure, Google Cloud, Cloudflare, Akamai, hybrid cloud, and SaaS solutions
  • Utilizes the same tools and techniques as a blackhat hacker
  • Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
  • Executive debrief conference provided, if desired
  • Optional re-test to validate remediation
  • Remote and on-site, usually including social engineering
  • Based on the MITRE ATT&CK framework of adversary tactics and techniques
  • Meets or exceeds requirements for NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX
  • Available as a subscription service
  • Available as a one-time service
  • NIST 800-53 compliant