Unlike the standard penetration test, which aims to highlight as many security flaws as possible, the goal of the »red team« test is to actually penetrate the organization’s information system. The engaged team of specialized Red teamers tends to penetrate as deeply as possible into the organization’s information environment while remaining unnoticed.
Indirect and also measurable »red teaming« indicators in terms of cyber resilience are:
- elapsed time of successful penetrateon of the organization’s environment (Initial Compromise)
- elapsed time until possible detection and impediment by qualified personnel of the organization (eg technical protection, notification of suspected incident by an employee, SOC – security operative center, IT department, “blue team”).