“Red Team Journal still serves as the best open-source repository for helpful hints and emerging practices in the field.”
— MIcah Zenko, Red Team (2015)
Red Teaming, A to Z

Red Teaming, A to Z

Ask 26 red teamers to generate 26 random thoughts on red teaming, and the permutations that would ensue are such that you'd walk away before reading just a small fraction of the total. Just thinking about it is exhausting, so why not read just one (this one)?

A: The “red” in “red teaming” traditionally refers to the adversary of interest—the adversary the red team emulates.

B: Systems thinking is among the core set of key red teaming skills.

C: Many pentesters are red teamers, but not all red teamers are pentesters.

D: Some observers equate red teaming with critical thinking; many traditional red teamers consider this characterization to be too broad.

E: Red teamers learn quickly that red teaming takes dedication and commitment; not everyone appreciates having assumptions challenged.

F: Understanding traditional Western and Eastern modes of thought can greatly enhance a red teamer’s ability to frame and address issues.

G: The “team” in “red teaming” is sometimes overlooked. Working as part of a team brings insight and balance to red teaming efforts.

H: The best red teamers know when to set ego aside; aggressive, know-it-all red teamers can often do more harm than good.

I: Interest in red teaming is currently growing by leaps and bounds.

J: Red teaming isn’t just for security; the tools and techniques apply equally to just about any form of strategy development.

K: At the very least, red teaming and devil’s advocacy are close cousins. Depending on who you ask, they might even be the same thing.

L: No two red teamers are likely to agree on everything; a fact worth remembering when listening to a red team's findings and recommendations.

M: Every red teamer carries some cultural baggage; the best ones are aware of it and account for it.

N: The best red teamers know how to listen.

O: Red teaming isn’t a silver bullet, and the best red teamers understand and are willing to talk about its limitations.

P: It pays to remember that the real world embodies more complexity and uncertainty than any red team can ever master.

Q: Wargaming can be a useful complement or adjunct to traditional red teaming; it helps introduce greater reciprocity to the analysis.

S: Red teaming isn’t necessarily something you do just once; the world changes, and the best red teamers do their best to adjust.

T: Even the best red teaming can fall flat in a culture that refuses to listen to anything but the “company line.”

U: Many if not most red teamers begin their careers doing something else, and red teaming as a whole benefits tremendously from the perspectives and knowledge they bring to the practice.

V: It never hurts to red team the red team; what the red team says should be viewed as critically as what the red team itself critiques.

W: All red teamers should do what they can to avoid contributing to the practice’s potential “buzzword” status by not overstating what red teaming can do..

X: The best red teamers know how and when to doubt themselves.

Y: Beware the red teamers who talk too much and too openly about their red teaming exploits.

Z: As "sexy" as red teaming might sound to outsiders and newbies, it's often hard work; what's more, not every personality is suited to the practice, which necessarily requires the red teamer to live with and address resistance.

Strategic Red Teaming: The Systems Perspective

Strategic Red Teaming: The Systems Perspective

The False Client

The False Client