Tagred teams

Gene Wolfe and the Unreliable Narrator

G

I went on a bit of a Gene Wolfe binge recently. If you like speculative fiction and haven’t read any of his books or short stories, give them a try. One of the things you’ll notice is that you can’t trust the narrator. This is true of his highly regarded longer works such as The Book of the New Sun and The Fifth Head of Cerberus and of (most of?) his short stories such as...

10 Things You Can Do Right Now to Start Red Teaming (Updated with Infographic)

1

Real-world security teams often lack the time to engage in deep red teaming. We get it, so here’s a set of quick, back-of-the-envelope red teaming drills you can run while running from one crisis to the next. Draw a simple systems diagram: primary functions, inputs, outputs, key interfaces. Does your security team consider and address all of them? If not, why not? List three harmful things you...

Red Teaming: Closing the Gaps

R

Despite the fact that we pride ourselves on thinking laterally and creatively, we red teamers are still human, and as humans, we share a host of “wetware” issues with our non-red teaming colleagues. The difference? We’re aware of the issues (or at least we should be), and we (usually) try to do something about them. Even so, the issues persist...

The Essence of a Superior Red Teamer

T

We’re sometimes asked “What makes a good red teamer?” While the range of attributes is actually quite broad, it’s possible to distill these attributes to a finite or representative set. The following infographic captures what we believe to be at least a few of the superior red teamer’s most salient attributes. Enjoy! And for accessibility purposes, here’s the...

Red Teaming: Degrees of Influence and Control

R

When red teaming, it’s often useful to model and distinguish elements of the engagement based on the degree of influence or control each actor exercises over these elements. For example, as the red team (RED), I unilaterally control some aspects of the engagement domain. I choose my goals, and I choose how to invest my time and resources. I also choose various aspects of my operational code. I...

Categories

Terms of Use

Please read.