https://systemoverlord.com/tags/red-teaming.htmlRecent content in Red Teaming on System OverlordHugoen-usdavid@systemoverlord.com (David Tomaschik)david@systemoverlord.com (David Tomaschik)Tue, 26 Mar 2019 00:00:00 +0000https://systemoverlord.com/2019/03/26/so-you-want-to-red-team.htmlTue, 26 Mar 2019 00:00:00 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2019/03/26/so-you-want-to-red-team.html<p>So there&rsquo;s a lot of confusion out there about Penetration Testing and Red Teaming. I wanted to put together a list of resources for those familiar with infosec or penetration testing who want to get into red teaming or at least get a better understanding of the methodologies and techniques used by red teamers.</p> <p>First, it&rsquo;s important to note that Red Teaming is predominantly comprised of two things: alternative analysis and adversary simulation. Red teams do not attempt to find &ldquo;all the vulnerabilities&rdquo; and do not usually try to have a wide breadth of coverage. Instead, red teams seek to simulate an adversary with a particular objective, predominantly to act as a &ldquo;sparring partner&rdquo; for blue teams. Keep in mind, red teams are the only adversary that will debrief with the blue team so that blue team can figure out what they missed or could have done differently.</p> <p>For more about the specific definition of Red Teaming, check out the presentation <a href="https://www.slideshare.net/TobyKohlenberg/red-teaming-probably-isnt-for-you-81283357">Red Teaming Probably Isn&rsquo;t For You</a> by fellow red teamer Toby Kohlenberg.</p>https://systemoverlord.com/2017/09/18/getting-started-in-offensive-security.htmlMon, 18 Sep 2017 00:00:00 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2017/09/18/getting-started-in-offensive-security.html<p><strong>Please note that this post, like all of those on my blog, represents only my views, and not those of my employer. Nothing in here implies official hiring policy or requirements.</strong></p> <p>I&rsquo;m not going to pretend that this article is unique or has magic bullets to get you into the offensive security space. I also won&rsquo;t pretend to speak for others in that space or in other areas of information security. It&rsquo;s a big field, and it turns out that a lot of us have opinions about it. Mubix maintains a <a href="https://gist.github.com/mubix/5737a066c8845d25721ec4bf3139fd31">list of posts like this</a> so you can see everyone&rsquo;s opinions. I highly recommend the post <a href="https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23">&ldquo;So You Want to Work in Security&rdquo;</a> by Parisa Tabriz for a view that&rsquo;s not specific to offensive security. (Though there&rsquo;s a lot of cross-over.)</p>