Red teaming is the practice of rigorously challenging plans, policies, systems and assumptions by adopting an adversarial approach. Its purpose is to counter the cognitive errors that impair critical thinking, such as groupthink and confirmation bias. In the enterprise, a red team may be a contracted external third party or an internal group whose existence has not been disclosed to employees.

Red teaming as a formal discipline originated with the military and intelligence agencies. The North Atlantic Treaty Organization (NATO) handbook defines red teaming as the art of applying critical thinking from a variety of perspectives to challenge assumptions and explore alternative outcomes. Its earliest enterprise use was in security, where ethical hacking and penetration testing are two common examples of applying contrarian thinking as part of an organization's strategic planning process.

A properly conducted red team exercise goes further than identifying gaps in security practices and controls: it determines how well the organization is equipped to deal with a real-world attack. The results can, for example, be used to make the case to a board of directors for further investment in security defenses and in staff security awareness training.

Red team testing vs. pen testing

Red team exercises generally start with passive reconnaissance and open source intelligence (OSINT) gathering, using publicly available data such as social media postings and online searches to identify individuals to target within the organization. A penetration test usually relies on the company providing relevant information, such as the IP addresses to scan or the credentials needed to access an application; a red team instead starts from the same position as a real attacker, whether inside or outside the organization. Red team exercises also take place without the knowledge of most personnel at the target organization.
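One concrete piece of the passive reconnaissance step described above, as an added example that is not part of the original post: given names and job titles collected from public sources and a handful of email addresses seen in the wild, infer the organization's email naming convention and turn the list of people into candidate target addresses, then rank them by how attractive their role is to an attacker. All of the data below is constructed for the example, the domain example.invalid is a reserved non-routable name, and the role-keyword weights are an illustrative assumption rather than any published method.

```python
import re
from collections import Counter

# Constructed sample data standing in for what a passive OSINT pass might
# gather: a public staff page, conference bios, document author metadata.
PUBLIC_NAMES = [
    "Alice Martin, Head of Finance",
    "Bob O'Neill, IT Service Desk Lead",
    "Carla de la Cruz, Payroll Administrator",
    "Dan Smith, Facilities Manager",
]

# Constructed: addresses observed in public sources for the same organization.
OBSERVED_ADDRESSES = [
    "alice.martin@example.invalid",   # conference speaker list
    "dan.smith@example.invalid",      # PDF author field
    "press@example.invalid",          # shared mailbox, not a person
]

# Common corporate local-part conventions (first, last) -> local part.
FORMATS = {
    "first.last": lambda f, l: f"{f}.{l}",
    "flast":      lambda f, l: f"{f[0]}{l}",
    "firstl":     lambda f, l: f"{f}{l[0]}",
    "first_last": lambda f, l: f"{f}_{l}",
    "first":      lambda f, l: f,
}

# Illustrative assumption: roles that touch money, credentials or access
# score higher. A real engagement would weight this from the objectives.
ROLE_KEYWORDS = {"finance": 3, "payroll": 3, "desk": 2, "it": 2, "facilities": 1}


def normalize(part):
    """Lower-case and keep ASCII letters only (drops apostrophes etc.)."""
    return re.sub(r"[^a-z]", "", part.lower())


def split_name(entry):
    """Return (first, last) from 'Name, Role'. Simplification: the last
    whitespace-separated token is treated as the surname."""
    tokens = entry.split(",")[0].strip().split()
    return normalize(tokens[0]), normalize(tokens[-1])


def infer_format(names, observed, domain):
    """Vote for the convention that explains the most observed addresses.
    Returns the format name, or None if nothing matched."""
    people = [split_name(n) for n in names]
    votes = Counter()
    for addr in observed:
        local, _, addr_domain = addr.partition("@")
        if addr_domain != domain:
            continue  # out of scope; ignore other domains entirely
        for fmt_name, fmt in FORMATS.items():
            if any(fmt(f, l) == local for f, l in people):
                votes[fmt_name] += 1
    return votes.most_common(1)[0][0] if votes else None


def candidate_targets(names, observed, domain):
    """Map each named person to a candidate address in the inferred format."""
    fmt_name = infer_format(names, observed, domain)
    if fmt_name is None:
        return {}
    fmt = FORMATS[fmt_name]
    return {
        entry.split(",")[0].strip(): f"{fmt(*split_name(entry))}@{domain}"
        for entry in names
    }


def prioritize(names):
    """Order entries by role score, highest first (stable for ties)."""
    scored = []
    for entry in names:
        role = entry.split(",", 1)[1].strip().lower() if "," in entry else ""
        words = role.split()
        score = sum(w for kw, w in ROLE_KEYWORDS.items() if kw in words)
        scored.append((score, entry))
    return [e for _, e in sorted(scored, key=lambda x: -x[0])]


if __name__ == "__main__":
    domain = "example.invalid"
    print("inferred format:", infer_format(PUBLIC_NAMES, OBSERVED_ADDRESSES, domain))
    targets = candidate_targets(PUBLIC_NAMES, OBSERVED_ADDRESSES, domain)
    for entry in prioritize(PUBLIC_NAMES):
        person = entry.split(",")[0].strip()
        print(f"{person:20} {targets[person]}")
```

Everything here is derived from public data and touches no target system, which is what keeps it on the passive side of the line; the resulting list is an input to the engagement plan, and the domain it is built for should be checked against the written scope before any address on it is ever used.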
The legal implications of a red team engagement are much the same as for a penetration test: the attack team could be in contravention of the Computer Misuse Act, and the Data Protection Act (DPA) comes into play wherever personal data is accessed. Written authorization from the client, covering the agreed scope, addresses the former; a security company that conforms to standards such as ISO 27001 and ISO 9001 has the processes in place to handle any personal data it encounters in line with the DPA.

Principles of red teaming

In 2015, Bryce Hoffman became the first civilian to graduate from the U.S. Army's Red Team Leader Program at the University of Foreign Military and Cultural Studies at Fort Leavenworth, Kansas. In his 2017 book, Red Teaming: How Your Business Can Conquer the Competition by Challenging Everything, Hoffman recommends a few exercises that can help a red team gain a fresh perspective:

Be your own worst enemy - a role-playing exercise in which red team members assume the role of a competitor trying to gain a competitive advantage.

Devil's advocacy - a role-playing exercise that requires red team members to take a belief central to the organization's strategy and develop a compelling case for the opposite.

Think-Write-Share - everyone on the team thinks about the problem and writes down their ideas before sharing them with the others. The goal of this exercise is to avoid groupthink and encourage people to value their individual perspectives.
1 comment:
Very informative blog. This blog shares complete information on red team exercises. A red team exercise is not an alternative to traditional testing, but it is a very valuable additional activity.