My guest for this episode of the Inner Circle podcast is John Sawyer, Associate Director of Services at IOActive. Are you secure? Sure, you’ve invested a lot of time, money and effort in security and you’ve implemented firewalls, spam filters, antimalware solutions, intrusion detection and other security tools, and you’ve developed and implemented security policies, but are you sure they’re effective? Are you confident that you can detect or block an attack right now?
A Red Team assessment would help you answer that question. Sawyer’s focus is on “Red Teaming”. Companies hire him and his team from IOActive to act as attackers and try to gain access to their network, servers, applications and data.
I want to be part of a Red Team when I grow up. I met John at RSA earlier this year and we talked about some of the exciting things he’s done and the interesting things he’s encountered as a function of doing Red Team assessments. It sounds like a super cool job.
The value for the company in hiring a team like IOActive to conduct a Red Team exercise is peace of mind. Hopefully your security measures and IT security personnel will be able to detect and thwart the Red Team attack. Even if they are, though, in most cases the Red Team will still be able to provide valuable insight to help identify weak spots that can be improved.
It’s also something that should be done on an ongoing and regular basis. Environments change. Attack techniques change. New exploits are developed. The threat landscape is dynamic and constantly shifting. Just because you pass a Red Team exercise today doesn’t mean you would be successful next week.