Overview

QCC advises on & provides a full range of Red Teaming testing services to both Government & Corporate Clients including physical penetration testing, social engineering penetration testing, cyber penetration testing and open source intelligence testing.

QCC Red Teaming services are followed by a comprehensive report detailing identified vulnerabilities & coinciding recommendations of remediation which if implemented will ensure Client risk exposure is reduced going forward.

Risk assessments

QCC can conduct red teaming risk assessments to ascertain a Clients risk exposure and then advise on the appropriate level and types of red teaming required to reduce risk to an acceptable level.

Contact us for further advice or view some of our Red Teaming case studies.

Threat briefings

QCC can deliver red teaming threat briefings to security managers, facilities managers, directors or executives responsible for the protection of their organisation from the risk of hackings, loss of information or unauthorised intrusion. Red teaming briefings are tailored for the recipients to ensure they gain a full understanding of the subject matter regardless of their pre-existing red teaming knowledge or whether they are technical or non-technical.

Strategic advice

QCC can provide strategic red teaming advice on the setting up and running of red teaming programmes for security managers, facilities managers, directors or executives. Advice is risk based and helps ensure that the correct levels of red teaming is implemented and that resources are targeted in the appropriate areas / sites. Advice is delivered in plain language to ensure non-technical staff have a full grasp of the red teaming process and service to enable them to make the best decisions for their organisation.

Contact us for further advice or view some of our Red Teaming case studies.

Red Teaming

Red teaming has been used for many years by both governments and companies to identify vulnerability’s in all forms of security. QCC red teaming services take exactly this approach by using and combining physical penetration testing, social engineering testing, cyber penetration testing, application penetration testing and opensource intelligence testing as required to challenge the existing security controls and access and exploit the defined target assets. QCC has a 100% successful track record for gaining unauthorised access to all of the Client sites we have tested and the target assets.

QCC cannot provide details of our red teaming methods here on our website as this would reduce our red teaming effectiveness but following each red teaming test we provide a full report containing details of the red teaming test, methods of testing and vulnerabilities identified with coinciding recommendations of remediation to reduce risk to acceptable levels. Some of the sub elements of a typical red teaming test are as follows:

Physical penetration testing

The physical penetration testing element of a red teaming test involves our red teaming team identifying potential vulnerability’s in the targets physical security and then attempting to exploit them and gain unauthorised access to restricted sites and areas within them. Issues identified are reported on along with solutions to mitigate the associated risks to acceptable levels. For more information on physical penetration testing click here.

Social engineering penetration testing

The social engineering penetration testing part of a red teaming test involves the red team finding possible issues in the targets procedural and human security and then testing that to see if unauthorised access to restricted sites or information can be achieved. Again issues identified are reported with recommendations to reduce risk to an acceptable level.

Contact us for further advice or view some of our Red Teaming case studies.

Cyber penetration testing

The cyber penetration testing component of a red teaming test requires the red teaming team to identify vulnerabilities in the organisations cyber security including the external network security, internal network security, application security and IT hardware security and then actioning the issues found to test if unauthorised access to the affected cyber systems or information is possible. Gaps in security controls found are reported accompanied by a set of tasks which will treat the risk and bring it down to a level agreed with the client.

Following each test our Client is provided with a full report detailing the testing, vulnerabilities identified and coinciding recommendations of remediation to reduce risk to a minimum level.

Open source penetration testing

The open source intelligence gathering part of a red teaming exercise requires the red teaming team to identify information and intelligence which can be used during the other elements of the red teaming test by the physical penetration testing, social engineering testing and cyber penetration testing teams for them to progress the various vulnerability scenarios they are trying to put together. Intelligence gained is reported on along with suggestions of remediation to tighten up the Clients security stance going forward.

Contact us for further advice or view some of our Red Teaming case studies.