Traditional Penetration Tests often eliminate some avenues of attack and tactics that real adversaries are currently using. Unlike traditional testing, red team simulation takes an integrated approach to assessing Information Security defences by combining multiple testing strategies into a comprehensive offensive engagement with the sole objective of gaining access to Crown Jewels.

PatientZero Adversarial Attack Simulation is comprised of multiple engagement phases and components that can be customised to meet an organisation’s security objectives. We follow ATT&CK framework for our Red Team exercises that include Reconnaissance, Threat Modelling, Attack Planning, Electronic and Physical Perimeter Testing, Exploitation and Post-Exploitation, and Key Findings and Recommendations. Adversarial Attack Simulation can include:

• Spear Phishing
• Specialised Malware
• Open-Source Reconnaissance
• Social Engineering
• Targeted Web Application Attacks
• Physical Security Attacks
• Wireless Attacks