BlackBerry Red Team Services

Simulated Attacks, Actionable Findings.

See how your organization would stand up, through an emulated attack, using the same adversarial tools, techniques and procedures (TTPs) criminals employ. Attackers look for weaknesses in process, technology and people. We identify weaknesses and test preventative measures.
Testing that Reflects a True Attack

Testing that Reflects a True Attack

Nation states, criminal gangs, political activists and recreational hackers are just some of the threats faced by organizations today. Despite their different motives, these threat actors have one advantage in common. Time.

While typical penetration tests will be conducted within a rigid time window, BlackBerry® Red Teaming from BlackBerry® Security Services is designed to simulate a real-world attack. Testers will observe targets and choose times when attacks will be most effective—just as a malicious attacker would.

Traditional Red Team
Be proactive rather than reactive. Using carefully controlled simulated “attacks,” you can test your defences and ability to detect penetration, without suffering the damage and business disruption of a headline-generating breach. 
Breach Simulation Service
Breach Simulations are for organizations that want to exercise their overall prevention, detection and response capabilities through an end-to-end attack simulation.
Adversary Simulation Service
Adversary Simulations are for organizations that want an authentic experience of being subjected to a threat intelligence led attack by real-world adversaries targeting their industry.

How it Works

Prior to Kick-off your BlackBerry Security Services Consultant and Engagement Manager will work with you to define testing scope and acceptable level of invasiveness and disruption (Rules of Engagement).

The time scale, number of exercises and targets will also be agreed upon.

Upon kick-off, our team will work through our Red Team protocol, which can include the following types of testing:

  • Reconnaissance / OSINT
  • Network Enumeration
  • Initial Access
  • Social Engineering – Email
  • Social Engineering – Phone
  • Physical Pen Testing
  • Post-Exploitation Actions on Target

We then convert our findings into an actionable report that your team can use to understand your weaknesses and bolster your security and defences.

On-site Attacks and Testing (Physical Pen Testing)

As mentioned above, our Red Team utilizes many different types of tests to perform our services.  Here is a breakdown of one type of testing that we perform(physical penetration testing).  Each type of testing that we utilize as part of our protocol has similar attention to detail.

Our Red Team can perform physical penetration testing as part of a larger Red Team service or as a Stand-Alone engagement.  By engaging us for this type of assessment, you can find gaps in your physical defenses and mitigate them before they can turn into real attacks (cyber or otherwise)

Test your resiliency and security against real-world cyber attack scenarios.