CBI Incident Response / PenTest
February 24, 2017

Penetration Testing | Red Team

What Happens When Your Organization Gets Hacked?

Having your network compromised by hackers can result in substantial unplanned costs to remediate the problem, and the impact on day-to-day operations can be crippling. A breach will also erode the trust of your customers that their information is secure. The best approach to protecting your network and customers is to be proactive. We will help you minimize your risk with preemptive Red Team services. CBI’s Red Team can uncover your vulnerabilities so you can close the gaps, reduce your threat exposure, and minimize the likelihood of future incidents.

Our Red Team is comprised of industry leaders and certified professionals specializing in vulnerability assessments, penetration testing, incident response, and threat intelligence. We have delivered hundreds of assessment and penetration engagements to Fortune 500 companies, SMBs, healthcare organizations, federal and state government entities, educational institutions, and utility providers.

Customized Red Team Services

CBI’s Red Team services go beyond the conventional exploitation vectors used by traditional firms. We don’t use a tool-centric approach, but rather develop engagement-specific attack scenarios that leverage automated and manual techniques. In plain English, our services are not an off-the-shelf, one-size fits all program. Our team puts together a program that fits your business and IT security needs at a cost that your budget can accommodate.

The Red Team is a group of highly trained security consultants that take great pride in what they do. They constantly research new exploitation techniques, advanced countermeasure evasion, development of customer attack strategies, and continually enhancing their skillset.

You Won’t Find Any Black Hats Here

Our consultants are not ex-hackers with shady backgrounds. Many of our assessment team consultants have military backgrounds and carry active top secret clearances, giving our clients the peace of mind required when dealing with such a sensitive service.

Our Testing Includes

Helping your staff identify potential targets and attempt to gain access
Identifying issues that a basic scan would not detect
Consulting with management to develop a list of observations and recommendations

Identifying vulnerabilities through hands-on techniques, manual testing, and research

Assessing exploitability without the interruption of services
Conducting non-intrusive “exploit” attempts using the information uncovered
Scenario-based testing to answer the question: ‘Are we secure against this recent highly publicized attack?'

What is a Red Team

“Red Team” is the terminology used to describe IT security professionals whose primary objective is to gain unauthorized physical or digital access. Red Teams help identify gaps in security postures and often include physical methods like social engineering on-site to gain access. Organizations often rely on third party Red Teams to test their existing security posture.

The CBI Red Team Difference

CBI has been in business for over 25 years; our Red Team has been in existence for over a decade. Many of the other firms offering Red Team services have only been in business for a couple of years. As a result of being in the industry, we understand our customer requirements and have crafted our penetration testing to meet or exceed those requirements. Here are some of CBI’s differentiators:

  1. Skillset

    CBI has been conducting penetration testing for over 14 years. As an organization, we were at the front lines of helping to contribute to various penetration testing frameworks and standards such as PTES, NIST, and OWASP. Our notoriety and credibility in this industry has been established as a result of our long track record of conducting successful and valuable penetration tests for enterprise organizations.

    Every individual on the CBI red team has the relevant and trustworthy credentials and certifications required for such sensitive testing. Many of our red team consultants carry an active Top Secret clearance as part of various defense contracts the CBI Red Team is engaged on. In addition, the CBI Red Team has all the industry certifications required to demonstrate our experience and expertise in this space, including but not limited to; CISSP, OSCP, SANs penetration testing, SANS web application testing, HTCIA, InfraGard membership, ISSA membership, Michigan Cyber Civilian Corps (MiC3), and many other certifications and affiliations. In addition, various CBI team members, including the Director, have recently been awarded medals from the Pentagon and Army for their efforts in an invitation only Bug Bounty program.

  2. Reporting

    Reporting is one of the most important aspects of a penetration test. It’s critical the report is interpretable, simple to understand, and provides the organization both tactical and strategic recommendations. Having been in this industry for over a decade, we understand the requirements and expectations for a penetration test report. Simply put, we are proud of our reports and willing to share our sample deliverables to prove to our customers that our reports will meet or exceed customer expectations.

  3. Passion

    Our entire team is comprised of individuals who are passionate about what they do. We entered this industry more than 14 years ago because we were all deeply woven into the penetration testing world. At that time, the demand for penetration testing wasn’t like it is today. But our team stuck to what we did best, and we are considered industry leaders in the field.

Get In Touch

Connect with our team to get general information or answers to your questions.