Vulnerability assessment , penetration testing or red teaming : which is right for your enterprise ?
Red teaming is a service focused on the assessment of a company ’ s operational security capabilities via conducting a sophisticated attack simulation exercise and evaluating detection and response reaction of defending SOC specialists ( blue team ). Alexander Zaytsev , Head , Security Assessment , Kaspersky , explains the difference between red teaming and other services including vulnerability assessment and penetration testing .
More than a third of enterprises experienced a targeted cyberattack in 2020 . So , you might say that it ’ s important for companies to understand how their security operations would hold up if they are faced with similar sophisticated threats . Arguably one of the best ways to achieve this understanding is to look at your own organisation from a threat actor ’ s standpoint . Unfortunately , there ’ s a plethora of security assessment service offerings out there , masquerading behind misleading marketing materials .
What are security assessment services all about ? From our experience , customers often get confused between three types of services – vulnerability assessment , penetration testing and red teaming .
Unfortunately , in the field of information security , a lot of shiny , new terms eventually get promoted aboard a hype-train for a never-ending ride of supply-creating demand . This was true when penetration testing first became a thing and the same is true today for red teaming .
Alexander Zaytsev , Head , Security Assessment , Kaspersky
Almost any security service provider on the market is ready to offer some form of “ red team ” service , because more and more regulations demand it , resulting in more and more requests for proposals ( RFPs ), which push requests for “ new services ”.
Closer communication with customers reveals that in around 80 % of all the requests we receive for red teaming , the company is actually looking for good , old fashioned penetration testing . This discrepancy is perfectly understandable , because the “ penetration testing ” term is currently just as muddied by marketing as “ red teaming ”. The only difference being that you could easily end up getting a vulnerability scan labelled “ penetration testing ” and companies will often overlook this option in favour of an “ upper tier ” service .
That being said , we consider that the key steps to fulfilling your own expectations from any kind of security assessment service are : taking the time to formulate your needs and ensuring that the vendor understands how to satisfy them with their offering . To once again demonstrate how vulnerability assessment , penetration testing and red teaming differ , we ’ ll consider
38