Catch the recent “Politics, Power, and Preventative Action” podcast interview with RTJ founder Mark Mateski.

Red Teaming, A to Z

Ask 26 red teamers to generate 26 random thoughts on red teaming, and the permutations that would ensue are such that you’d walk away before reading just a small fraction of the total. Just thinking about it is exhausting, so why not read just one (this one)?

A: The “red” in “red teaming” traditionally refers to the adversary of interest—the adversary the red team emulates.

B: Systems thinking is among the core set of key red teaming skills.

C: Many pentesters are red teamers, but not all red teamers are pentesters. Read on …

Syria: Asking the Right Questions (Before and After)

The recent U.S. decision to hit a Syrian air field with cruise missiles has triggered a flurry of questions, both in the United States and abroad. It reminds me of RTJ Red Teaming Law #34 (“Question”):

In many ways, the art of red teaming is actually the art of asking the right questions, from the right perspective, at the right time. Ask the wrong questions, and it almost doesn’t matter how well your red team performs.

In this context, it’s worth adding, “Ask the wrong questions or fail to appreciate the right ones, and it almost doesn’t matter how well your cruise missiles perform.” Read on …

When to Red Team: Balancing Costs and Uncertainty

In my last Red Teaming 101 Webinar, I shared a concept that I often discuss in my red teaming courses. It involves the issue of when you should red team the system of interest, where the system is some combination of people, technology, or processes. Like many issues connected with red teaming, the short answer is “it depends,” the middling answer is “it’s a tradespace,” and the long answer, well—it’s a longer answer. During the Webinar, one of the participants asked if I’d posted the concept on RTJ; I hadn’t to that point, so I assembled this post. Read on …

The 2017 Red Teamer’s Bookshelf

A picture of booksIt’s been a couple of months since we first announced that Red Team Journal,, and OODALoop would be compiling the latest “Red Teamer’s Bookshelf” jointly. For those of you who’ve been waiting, the list is finally here. It’s larger than previous years, so we’ve organized the titles by category (and yes, some of these titles would fit in more than one category). The titles address a range of red teaming activities and skills, with a noticeable increase in special operations books this year. Thank you to everyone who submitted titles. (You can also find the the list here.) Read on …

The False Client

It’s one thing to red team; it’s another thing entirely for a red team to facilitate useful change. All red teaming is embedded within a culture, and savvy red teamers learn quickly that not all red team engagements are what they appear to be. Sometimes a client hires a red team to validate what the client already “knows” (typically then tying the red team’s hands through a set of overly constrained rules of engagement). For the experienced red team, this usually yields a level of frustration that’s best avoided by simply not taking the job.
      In a roundabout way, the quote below from Jorge Luis Borges reminds us of the red team client who feigns interest in uncovering the uncomfortable truths. Read on …

The Hazards of Cross-Cultural Red Teaming

Are members of all cultures equally good at intuitive red teaming? Though his words might sound stilted and “politically incorrect” to our sensitive 2017 ears, F. S. C. Northrop, writing in 1946, suggests that the answer is “no.” He begins by arguing that the “ideographic symbolism” of the Chinese language yields a “superlative degree of fluidity, a capacity to convey the unique particularity, nuance, and precisely refined richness of the specific, individual experience which probably no other mature language in the world today achieves.”1 This, he suggests, generates within “the Chinese psychology” an exceptional ability to identify with other cultures: “It is doubtful,” he says, “if any other people have such capacity as have the Chinese, having visited, lived with, and immediately experience the culture and psychological reactions of another people, to put themselves in the intuitive standpoint of that people.”2 He cites examples of Chinese students living in France and the United States, who exhibit a remarkable ability to absorb the cultural perspectives and habits of their host countries. He attributes this ability not just to the fluidity of the Chinese language but also to the “ancient philosophical and religious intuitions” of the Chinese culture.3 Further, he warns that “Unless we of the Occident find in our own immediate experience the factors to which their remarkably denotative philosophical and religious terminology refers, we can never hope, regardless of our information, or our observation, to understand either the Chinese or any other Oriental people.”4 Read on …

  1. F. S. C. Northrop, The Meeting of East and West, p. 318 []
  2. Ibid., p. 318. []
  3. Ibid., p. 319. []
  4. Ibid., p. 319. []

The Seen and the Unseen

In his 1946 book Economics in One Lesson, Henry Hazlitt unfolds an interesting systems-oriented principle that we believe belongs in every red teamer’s toolkit. Often, Hazlitt tells us, the unseen is more important than the seen, even though we naturally tend to focus on the seen. Among other things, Hazlitt discusses public-works projects, which generate visible activity and tangible results. What we don’t see is the “what-might-have-beens,” the results that would have emerged had the same resources been applied differently. Read on …

Calling All Red Teamers: Help Us Build the 2017 Bookshelf (Updated)

A picture of booksIt’s time to update The Red Teamer’s Bookshelf. In the past, we’ve either built the list ourselves or consulted a small group of colleagues. This time we’d like to crowdsource the list in partnership with and OODA Loop. Use the contact page to send us the titles of the book or books that you believe red teamers should be reading. (You can reach back into history; these don’t need to be 2016/2017 titles.) When you do send us your title or titles, add a sentence on each telling us why you think it’s important. After a week or so, we’ll aggregate the submissions and post The Red Teamer’s Bookshelf (2017 Edition) at all three sites. To get your thinking started, here are the previous lists:

Matt Devost’s list of the best security, business, and technology books over at OODA Loop is worth checking out as well.