Kroll Red Teaming Operations

Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Kroll
WebsiteKroll.com
Company size (employees)5,000 to 9,999
Type of solutionService

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

- Kroll’s Red Team Operations evaluate your response to attack, help you to identify and classify security risks, uncover hidden vulnerabilities and address identified exposures. They enhance blue team effectiveness and allow teams to prioritize future investments.

- On average Kroll Red Team Operations is rated 9/10 for customer satisfaction and has a 95% retention rate

- “Thanks to Redscan, we’re in an infinitely better place now. We have got more visibility than we ever had, and critically, in all the right places. I can now sleep easy knowing that Redscan’s expertise is protecting our business” – Head of technology & cybersecurity at a housebuilding company

Brief Overview

Kroll’s Red Team Operations experts adopt a systematic approach to comprehensively test an organization’s threat detection and response capabilities.

1. Reconnaissance – quality intelligence is critical to the success of any red team test. Kroll’s ethical hackers utilize a variety of OSINT tools, techniques and resources to collect information that could be used to successfully compromise the target. This includes details about networks, employees and in use security systems.

2. Staging – once any vulnerabilities have been identified and a plan of attack formulated, the next stage of any engagement is staging. Staging involves setting up and concealing the infrastructure and resources needed to launch attacks. This can include setting up servers to perform Command & Control (C2) and social engineering activity.

3. Attack delivery – the attack delivery phase of a Red Team Operation involves compromising and obtaining a foothold on the target network. In the course of pursuing their objective, our ethical hackers may attempt to exploit discovered vulnerabilities, use bruteforce to crack weak employee passwords, and create fake email communications to launch phishing attacks and drop malicious payloads.

4. Internal compromise – once a foothold is obtained on the target network, the next phase of the engagement is focused on achieving the objective(s) of the Red Team Operation. Activities at this stage can include lateral movement across the network, privilege escalation and data extraction.

5. Reporting and analysis – following completion of the red team assessment, a comprehensive final report is prepared to help technical and non-technical personnel understand the success of the exercise, including an overview of vulnerabilities discovered, attack vectors used and recommendations about how to remediate and mitigate risks.