EXPLAINING “ RED TEAMING “ vs “PENTESTING” TO A “3 YEAR OLD”
There are many methods to assess the security of a company. Vulnerability Scan & Assessment,Penetration Testing or Pentesting, and Red Teaming. Red teaming vs. penetration testing — two options, one choice.For clarity we will explain the goal of each of the methods, because these three
methods often get confused.
Vulnerability Scan & Assessment gives a complete overview of the vulnerabilities of the target scope . It uses automated scanning tools, extended with validation by the team that runs the scan. After the scan the team identifies the weak spots and gives an advice for improvement. The results will be summarized in a report which
the client organization can use to reduce their security risks.
Penetration testing focuses mainly on your company’s total vulnerabilities.The difference here lies in what happens then when those weaknesses are uncovered. During a pentest the target scope will also be scanned, but a pen-test extends on a vulnerability scan & assessment by actually trying to exploit the vulnerabilities. By exploiting the vulnerabilities the consequences of an issue will become a lot clearer. A pentest will show the seriousness of issues, so the client will become aware
of the potential dangers. The results will also be shown in a report,
including a risk analysis and recommendations for the client.
Red teaming tests your organization’s detection and response capabilities.The key difference for Red Teaming is simulation, to simulate a full-spectrum cyber-attack. The Red Team will emulate attacks in such a way a real malicious actor would and looking to avoid detection. This is a narrow and very quiet process. It also means that the team responsible for the attack isn’t looking for as many vulnerabilities as it could get. Instead, it focuses on the one that will allow it to complete its goal and measure how mature your business’s internal security is.
They offer a variety of possibilities for every business seeking to boost its cybersecurity, and depending on your particular situation, it may be challenging to decide which one to use.
Which one is right for you?
“You certainly wouldn’t hire ninjas to find every buried treasure in a specific piece of land. Similarly, you wouldn’t want to send noisy pirates to perform stealth missions.” Alexander Guebez (Forbes TechCouncil)
Arguably is to use pentesting if your organization’s security is in the early stages. If your company relies on mature security programs, I would suggest trusting a red team.