The types of penetration tests carried out by the Red Team are highly dependent upon the security needs of the client. For example, the entire IT and network infrastructure might be evaluated, or just certain parts of them. Once this has been decided upon, then the specific functionalities of what will be tested is then critically examined. Software applications (such as those that are Web-based) could become targets, the physical infrastructure could get hit, or even a combination of both.
This part defines the entire goals and objectives during the penetration testing exercise, such as:
This phase involves collecting information and data about the targets that are going to be hit by the Red Team. Examples of this include the following:
At this stage, the types of cyberattacks that will be launched by the Red Team are mapped out, as well as how they will be executed. Some of the factors that are taken into consideration here:
At this point, the cyberattacks that have been mapped out are now launched towards their intended targets. Examples:
This is considered to be the last phase of the methodology cycle, and it primarily consists of creating a final, documented reported to be given to the client at the end of the penetration testing exercise(s). It consists of the following components:
What Our Customers Say?
Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.