Adversary Simulation Services
Adversary simulation (aka “red teaming”) services from AT&T Cybersecurity Consulting lets customers test their security operations and detection capabilities against the advanced penetration testing techniques used by threat actors today.
Put your detection controls and operational teams to the test.
Give security teams hands-on experience combating real world cyber-attacks
A Customer-Centric Engagement
AT&T Cybersecurity Consulting’s approach is based on industry standards and best practices for developing and executing cybersecurity exercises. We work with organizations of all sizes and maturity levels to understand their threat profile, determine the most applicable exercises, and tailor a delivery approach that works best for them.
Based on standards, informed by experience
The team leverages testing standards, such as those published by NIST, OWASP, and MITRE, and intersects this with current trends in the exploit and vulnerability landscape, emerging tactics, and threat intelligence arena. We draw upon the collective experience of the team to identify unique or emerging practices to find and exploit vulnerabilities.
Results that keep on giving
The outcome of the engagement not only show the relative success of the team in achieving the scenarios, but provides actionable recommendations for enhancing detection and prevention capabilities that would have frustrated attackers efforts. The team can validate through testing the effectiveness of changes made to the security controls.
Repeated adversary simulation exercises ensure that the people, processes, and technology that comprise the organizations security program remain capable in the face of ever changing attacker tactics, techniques and procedures.
Test drive the AT&T Managed Vulnerability Program
Offers vulnerability, asset and patch management as well as threat and risk prioritization in one solution.
Get started ⟶
Organizations that benefit most from adversary simulations are those that feel they have successfully implemented the technology necessary to close well known security gaps, detect attempts to bypass those controls, and have the people and processes to support these functions.
This will vary by organization and depend on a number of factors including the number of scenarios included, the effectiveness of the controls in place, and any unique rules of engagement. That having been said, tests could range from a couple weeks to a few months depending on these factors.
While penetration testing focuses on unpatched vulnerabilities and misconfigurations, this assessment is intended to gauge the effectiveness of security operations and incident response teams by simulating a threat actor actively maneuvering against an organization. The real-world tactics, techniques, and procedures (TTP) used by threat actors and mimicked through this service allow an organization to evaluate and exercise its prevention, detection, and response capabilities.