Latest stories

Red Teaming: Behind the Bluster

R

Red teaming sounds cool, right? So why isn’t everyone doing it? A lot of reasons exist, one of which is the simple fact that people often don’t want to learn what they don’t know. This very human behavior is the basis of RTJ Red Teaming “Law” No. 1 (“The Jaunty Man”). Yes, valid reasons not to red team exist, but to get at those, you first need to...

Strategic Red Teaming: The Job Description

S

Over the past few years, we’ve read a lot of red team job postings. The vast majority of them were for pentesting positions. That’s well and good, but there’s a different, broader sort of red teaming we believe enterprises should also be conducting. We call it “strategic red teaming,” and it addresses security-related risks across the enterprise from a systems...

The Day Before

T

When it comes to haunting events, we tend to remember the date: Dec. 7 (Pearl Harbor), Nov. 22 (Kennedy assassination), Sept. 11 (World Trade Center attack). As risk and security professionals, we also tend to start working on the problem retroactively the next day, doing our best to make sure something like it doesn’t happen again. What we don’t think about nearly as much is what was happening...

Red Teaming, A to Z

R

Ask 26 red teamers to generate 26 random thoughts on red teaming, and the permutations that would ensue are such that you’d walk away before reading just a small fraction of the total. Just thinking about it is exhausting, so why not read just one (this one)? A: The “red” in “red teaming” traditionally refers to the adversary of interest—the adversary the red team emulates. B: Systems...

Categories

Terms of Use

Please read.