Red team assessment is designed to simulate a real attack that could be launched against an organisation. In contrary to a penetration test it is usually not that restrictive in terms of scope and focuses on 'getting inside' instead of finding as many vulnerabilities as possible.

Often the testers are not limited only to attack the applications and/or infrastructure but also can perform social engineering attacks (e.g. phishing, spear phishing) and even trying to breach physical security controls on premises.

It is a great method to verify the overall security procedures inside of an organisation, effectivness of Security Operations Center (SOC) and employee awareness.


BlackOwlSec Pawel Wylecial
VAT-ID PL7822493185