Overview
KirkpatrickPrice methodologies are unique and efficient because they do not rely on static techniques and assessment methods. Effective ethical hacking services require a diligent effort to find enterprise weaknesses, just like a malicious individual would. KirkpatrickPrice is your security partner. We are committed to working with your staff to ensure effective information security practices across your environment. Our security assessment methodology is derived from various sources including the Open Source Security Testing Methodology Manual (OSSTMM), Penetration Testing Execution Standard (PTES), Information Systems Audit Standards, CERT/CC®, the SANS® Institute, National Institute of Standards and Technology (NIST), and the Open Web Application Security Project (OWASP).

The primary objective of our security assessment methodology is to clearly and effectively communicate with you both throughout the project and about our observations. It is our belief that this will enable the most accurate and efficient results because information security services are dynamic in nature. Discovery and comprehensive testing of the ongoing findings will be a mutual collaboration that is relevant to your specific AWS environment. Our experts hold AWS certifications such as Certified Cloud Practitioner, Solution Architect, and the Security Specialization.
Methodology
KirkpatrickPrice will use open source and proprietary tools and methodologies used by “hackers” and security auditors to conduct the external vulnerability assessment and penetration test, with the exception of those tools and techniques that are known by KirkpatrickPrice to cause denial of service. KirkpatrickPrice will emulate the tactics used by an outside attacker whose goal is to attempt to breach the security of your network and computer systems, including your AWS Cloud environment.

The Red Team Exercise methodology allows for both automated and manual testing effort. This service level takes an in-depth look at the systems and networks that are in scope for testing. Vulnerabilities identified through automated effort are exploited for confirmation, but additional effort is spent on post-exploitation activities (where possible) to identify and demonstrate how the initial attack could lead to further compromise if leveraged by a real attacker. Additional manual effort is spent on reconnaissance, discovery, and exploitation of vulnerabilities that are not easily captured by a vulnerability assessment. Examples include, but are not limited to, sniffing and interacting with broadcast network traffic, Man-in-the-Middle attacks, and password attacks.

The assessment will occur in seven phases:
Phase 1 Objectives Definition Workshop
Activities in this phase include:
- Review current business context
- Document critical business process and assets
- Review AWS environment and associated tools (EC2, CloudTrail, etc.)
- Review the threat landscape
- Define red team objective(s)
- Define approach - External or assumed breach
Phase 2 Recon & Threat Management
Activities in this phase include:
- Conduct target organization research
- Research and model relevant threats
- Research likely threats and TTPs that align with engagement objectives
- Prepare TTPs for use during engagement
Phase 3 Initial Access
Leverage identified data and vulnerabilities to exploit systems or people to gain initial access.
Phase 4 Establish Persistence
Once the initial foothold has been established, actions will be taken to maintain access.
Phase 5 Escalation/Lateral Movement
Escalate privileges and move laterally using defense evasion techniques within the organization to achieve the defined objectives.
Phase 6 Data Exfiltration
Discover, collect, and exfiltrate target data.
Phase 7 Reporting & Debrief
Present a detailed report of the findings, which includes an executive report, red team findings, control successes and failures, and recommendations for improvement.
Highlights
- KirkpatrickPrice has issued over 20,000 reports to 2,000 clients worldwide, giving them the assurance they deserve. By conducting every audit engagement with thorough, quality testing, KirkpatrickPrice delivers reports with results you can trust.
- KirkpatrickPrice auditors have an average of 25+ years of experience and have worked in the field as CTOs, CISOs, CSOs, and more. They truly understand how hard an audit can be, and what makes it a valuable, worthwhile experience. Additionally, our refined audit delivery processes have been developed over 18 years to include SMEs, Client Success Managers, and Professional Report Writers.
- The Online Audit Manager, the world’s first compliance platform, simplifies and streamlines your audit process by allowing you to prepare for and successfully complete an audit all in one place. The platform was developed by CPAs to help manage the audit process and connect you directly to an auditor throughout your compliance journey.
Pricing
Custom pricing options
Support
Vendor support
When you work with KirkpatrickPrice on any of your compliance efforts, you’re gaining a partner who truly cares about helping you achieve your security and compliance goals. You’ll work with an expert auditor, but you’ll also partner with a team of experts dedicated to your success. Your audit engagement team includes a Client Success Manager, Professional Writer, Information Security Associate, and of course an experienced Information Security Auditor.
Additionally, the Online Audit Manager connects you directly to an information security expert who will work alongside you in the platform. You are able to instantly initiate a live chat with an expert whenever a question arises that you need a quick answer to.
For support requests, connect with one of our experts by calling 800-770-2791 or visiting our website.