Now more than ever, organisations require assurance that the investment they are making in both cyber & physical security is working and keeping malicious attackers at bay.
Full Spectrum Red Team
Why Full Spectrum Red Team?
Once commissioned for a project, our elite security team take the role of a malicious intruder and carry out covert hostile reconnaissance (both physical and cyber) followed by a full-blown covert attack against the target organisation.
Working to pre-agreed rules of engagement the team use a wide range of techniques to try to gain access & bypass security defences, including; social engineering, covert entry, intelligence gathering, dumpster diving & technical surveillance. At the end of the mission we will provide a C-level recommendation report, detailing the key areas for remediation.
A typical mission would involve the following key elements:
- Threat/Risk Assessment
- Hostile Reconnaissance
- Intelligence Gathering
- Dumpster Diving
- Authorisation & Task Confirmation
- Physical Attack
- Social Engineering (phone & email)
- Physical entry/covert entry
- Access into buildings/locations
- Hostile device placement
- Cyber Attack
- Remote access to hostile devices
- Compromise of network assets
- Malware (benign) deployment
Why work with us?
Combining both physical & cyber exploitation, we are the only choice for a the most realistic security test available.
Core to the ethos and success of the service are:
- Market leading reputation
- Strict & robust vetting of all staff
- Permanent employees
- Cohesive approach
- Global reach
- Extensive experience
Physical Social Engineering
Our social engineering services are designed to highlight gaps in your staff's security awareness and help to improve your future security posture.
A physical security assessment will focus on the measures and processes in place to secure your environment against attacks that rely on a lack of security awareness in your staff and so-called “social engineering” attacks.
Physical security weaknesses will normally be either procedural or cultural. Some organisations have excellent procedures that are simply not followed correctly due to a poor understanding of the need for appropriate security (cultural), or the procedures themselves are weak or absent (procedural).
During a physical security assessment NCC Group will:
- Utilise Open Source Intelligence gathering techniques
- Perform reconnaissance and surveillance
- Assess physical security
- Use people skills to circumvent technical controls to access sensitive areas of the organisation or restricted locations.
- Manipulate staff to identify protected information such as passwords or allow access into their workspaces.
- Determine the level of response to threats.