In part one we discussed what a Red Team Assessment is, but how does a Red Team Assessment differ from a Penetration Test?
With a Red Team Assessment, we’re testing the whole company, essentially how it fares up to a worst-case scenario attack, whether that’s by a competitive company engaging in corporate espionage hell-bent on disrupting business, or harvesting data, or a criminal organisation breaking in and stealing physical equipment or damaging key infrastructure.
Whilst Red Teaming is a fantastic way to test against identified threats your business may come up against, by design it does not seek to discover all vulnerabilities on your corporate networks or company devices. Red Team operatives will probe for the weakest areas to reach the goal, grab the low hanging fruits because this is what a real-world attacker would do. An attacker has a goal, a motivation, whether that be financial or data theft, infrastructure disruption or motivated politically. Whatever the reason may be, an attacker is not going to risk compromise by trying to hack into your networks when a simple phone call to a member of staff could get them to reveal their Azure login passwords.
This is where a penetration test fits in perfectly. A penetration test is designed to find all the vulnerabilities and configuration issues on your internal and external Web Applications, network and mobile devices and workstations, and exploit those vulnerabilities using tools and methods a “hacker” would often use. The penetration tester would then determine what risk these vulnerabilities pose to your organisation and provide a comprehensive remediation report against these vulnerabilities. A penetration test focuses mainly on your virtual infrastructure.
The two services are often used interchangeably and Penetration Testing is often used as an umbrella term for a number of security testing services. However, as you’ve read, they are different and Pentest People can help you decide which is the best test for you.