Faster Toward Disaster: A Brief Thought on OODA Loops

by Red Team Journal on April 18, 2014

John Boyd’s OODA loop (observe-orient-decide-act) is a useful method of ordering the critical train of thought and action inherent in most conflict and competition. You can find dozens of books and papers discussing Boyd’s model, and many hold it as axiomatic. A measure of its everyday influence is the ubiquity of the phrase “get inside the adversary’s OODA loop,” the idea being that you turn a tighter decision circle than your adversary and come out ahead of him, thereby forcing him to react to the conditions you set. Read on …

Heartbleeding Red: What’s a Red Teamer to Do?

by Red Team Journal on April 9, 2014

The recently exposed Heartbleed bug in OpenSSL raises an interesting question for you, the crackerjack red teamer: how far should you take your red teaming? (Since most of you don’t red team for free, the natural companion question is “How far should your customer take their red teaming?”) To wit, do you limit your red teaming to the specific enterprise or system of interest, or do you open the door to all of the enterprise or system’s external dependencies? [click to continue…]

See It Like Jones Would: The J-Switch Talisman

April 2, 2014

When flying over occupied Europe in 1941, many British bomber pilots left their I.F.F. (identification, friend or foe) transponders on, believing that the signals jammed the German radar-guided spotlights. British scientific intelligence leader R. V. Jones suspected otherwise, and he reasoned that leaving the I.F.F. on (via the so-called J-switch) was a no-win strategy for […]

Read the full article →

‘Everyday Red Teaming’ at

March 31, 2014

It’s worth heading over to to check out their latest: “Plan, Execute, and Vanish–Everyday Red Teaming.” It’s a great article on how to use red teaming for all sorts of problems. Their analogy of seeing both the inside and the outside of the cube is powerful.

Read the full article →

RTJ Featured in INSIGHTS

March 21, 2014

Red Team Journal is featured in the most recent InfoSecurity Professional INSIGHTS. In a piece by Anne Saita titled “Is It Time for Your Security Team To Start Seeing Red?” RTJ founder Mark Mateski and advisor Matt Devost discuss the need for red teaming in the modern enterprise.

Read the full article →

‘Red Teaming’: Is There a Better Term?

March 12, 2014

As long as I’ve been red teaming, I’ve heard that the community should adopt another name for the practice. “People don’t know what red teaming is,” I’ve been told. “You need to come up with something better, something more descriptive.” Alternative analysis, challenge analysis, penetration testing, devil’s advocacy–each is sometimes kicked around as a possible […]

Read the full article →

Red Teaming for Business Strategy: Five No-Nonsense Tips

March 10, 2014

If your competitors are red teaming you, they don’t want you to know, and they especially don’t want you to know how they do it. Here are five tips to help you beat them at their own game.

Read the full article →

Slippery Risk: Some Thoughts on Risk from a Red Teamer’s Perspective

March 5, 2014

Why should red teamers care about risk? Risk is ubiquitous. We face it every day, even when we leave work and take off our professional hats. (Every mom and dad knows about the risks associated with letting children go to bed without first picking up their Lego.) Risk estimates drive decisions, good and bad. Red […]

Read the full article →

RTJ-Related Blogging and Social Media

March 3, 2014

Let me answer a question that you probably haven’t thought to ask: “What’s been happening lately with Red Team Journal-related blogging and social media?” No, we’re still not on Facebook, but our Twitter feed continues to march along. I’ve personally neglected my LinkedIn profile but am working on getting it up to speed. In fact, […]

Read the full article →

‘Red Teaming for Security Professionals’ Course

February 24, 2014

Dr. Mateski will be teaching a two-day course titled “Red Teaming for Security Professionals” May 13–14 in Fairfax, VA. Further details, including the agenda, are available on The Watermark Institute site. The course is built around a set of exercises addressing security at a fictional firm. Attendees will practice structuring a red teaming project, defining […]

Read the full article →