What is this?
What is this? Complex attack vectors and obfuscation methods are used (see mitre, for example), to achieve customers’ pre-defined targets. Unlike with penetration tests, additional measures are implemented to ensure that the customer’s security team (blueteam) does not detect such penetration too late.
Once the assessment has been completed, the detected vulnerabilities and their countermeasures are explained and the blueteam is also shown how and when the redteam’s actions could have been detected and prevented.
Like the penetration test, redteaming uncovers vulnerabilities at the customer’s technical, organizational and HR level, but the main objective of this method is to train / optimize the blueteam.