BlackBerry Red Teaming

A Real World Approach to Assess Your Organization’s Security

Contact Us

Penetration Testing that Reflects a True Attack

Nation states, criminal gangs, political activists and recreational hackers are just some of the threats faced by organizations today. Despite their different motives, these threat actors have one advantage in common. Time.

While typical penetration tests will be conducted within a rigid time window, BlackBerry® Red Teaming from BlackBerry® Cybersecurity Consulting occurs over an extended period. Testers will observe targets and choose times when attacks will be most effective—just as a malicious attacker would.

How Does it Work?

Prior to commencement of the service your BlackBerry Cybersecurity consultant will work with you to define testing scope and acceptable level of invasiveness and disruption. The time scale, number of exercises and targets will also be agreed upon.

Simulated attacks may be delivered in multiple formats:

  • Electronic
  • Social vectors
  • Physical assessments

The result will be a full understanding of your organization’s defences and will take into account your security culture and readiness as a whole. 

Remote Surveillance and Discovery

OSINT (Open Source Intelligence)
Disgruntled and Targeted Employees
External Infrastructure Assessment
VPN Testing
Client-side Attacks
Tech Support Attack
Cracking Wi-Fi

On-site Attacks and Testing

Unauthorized access can be gained by tailgating, cloning access cards, using a fake persona or exploiting weak security measures. 

Once on-site, testers can attempt to gain access to the server room and look for further vulnerabilities.

A tester can attempt to gain access to physically unsecured documents that may reveal sensitive information. 

If testers gain access to the internal network, they can assess and exploit network vulnerabilities.

Once a device is obtained, applications on the device can be exploited, and sensitive information can be revealed.

If source code of an application written by your organization can be obtained, a competitor could acquiring the same information.

Credit card sized PC’s can be hidden behind tower PCs or furniture to intercept and transmit data from an internal network over an SSH protocol. 

Tiger scenarios provide real time, real life feedback in relation to how an organization would respond to a real time security threat.

Physical Access Server Room Access Documents Access Network Access Obtaining a Device Obtaining App Source Code Dropbox Left On-Site Tiger

Ready to Get Started

Get a comprehensive picture of your organization’s risk profile and put a plan in place to reduce vulnerability.

Contact us