Red Team Testing
Insomnia believes that each project requires a security review as part of the Security Development Lifecycle, but as well as securing each component you need to have an understanding of your current external security posture. This is what Red Team Testing provides.
A determined attacker will not try to gain access to your network through the front door, especially if the window is open. Security reviews are often done which are confined to the single IP address of the application server. This is of little help if the development, or test environment is sitting on an externally accessible IP address. This is where a Red Team exercise can prove to be invaluable in confirming the security of an organisation.
A Red Team Penetration Test involves reviewing the entire external perimeter with none or little information provided. Insomnia will test the externally accessible applications and network devices in the same manner as would any real world attacker, not confined by IP address, time windows, or attack vector boundaries. Once access is gained through the external perimeter our specialised team will continue through to the internal network until reaching a set objective.
- Custom penetration testing over an extended period of time
- Research and development of 0day exploits
- Physical location review and attack
- Network discovery and vulnerability assessment
- Social engineering and human factor attacks
- War dialling, PABX, VOIP and voice mail system attacks
Full service descriptions, methodologies and sample reports are available upon request