Cyber & Red Team

Cyber

  • We deliver cyber services and solutions customized to meet the distinctive needs of each business, individual and situation. Adapting the product to the customer’s needs and characterizing the threats is done at a preliminary stage.
  • We help our clients assess cyber risk, respond to cyber threats, and defend our client’s business through managed detection and response.
  • We work with our client to identify sources that have the potential to leak information enabling appropriate response. We recommend to all our customers not to wait for a cyber-attack but to perform a preliminary check where there are gaps in their computer systems.
  • Our cyber teams are highly qualified, specializing in the most leading technologies and skills. All the teams are graduates of operational cyber units in the Israeli intelligence services.

Red-Team

A security red-team is a test that aims to assess the security level of an organization, identify main weaknesses in its security posture, provide insights about the organization’s resilience level, and reveal how prepared it is to withstand a real-life attack. The way to provide such assessment is by simulating real cyber-attack. The standard process of a security red-team involves the following stages:

  • Planning – working with a client to define the scope, timeline objectives. Rules of engagements etc.
  • Information Gathering – This stage may be also called threat intelligence or reconnaissance. This is the stage where the team collects information about the potential attack surface and build an attack plan.
  • Initial Penetration – Finding the first point of access which may be an external facing server, a user endpoint, or any other endpoint in the organization network.
  • Establishing control – Usually involves elevation of privileges and establishing some method of remote control (reverse shell, web shell, RDP access etc.)
  • Lateral movement and Trophy Hunt – Once the team has established some type of control of internal resources in the network, it is time to move forward and access the most valuable assets of the organizations (e.g., access the payment system and prove you can make a transaction). These trophies are defined together with the customer at the planning stage.

© All Rights Reserved 2022 Sabra

Skip to content