About the Book
Red Team Development and Operations
Download the Table of Contents
Red Teaming is the process of using tactics, techniques, and procedures (TTPs) to emulate real-world threats to train and measure the effectiveness of the people, processes, and technology used to defend environments. Built on the fundamentals of penetration testing, Red Teaming uses a comprehensive approach to gain insight into an organization's overall security to test its ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities significantly improve an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.
The Red Team concept requires a different approach from typical security testing and relies heavily on well-defined TTPs, which are critical to successfully emulating a realistic threat or adversary. Red Team results exceed a typical list of penetration test vulnerabilities, provide a deeper understanding of how an organization would perform against an actual threat, and identify where security strengths and weaknesses exist. Whether you support a defensive or offensive role in security, understanding how Red Teams can be used to improve security is extremely valuable. Organizations spend a great deal of time and money on the security of their systems, and it is critical to have professionals who can effectively and efficiently operate them. This book will provide you with the skills to manage and operate a Red Team, conduct Red Team engagements, and understand the role of a Red Team and its importance in security testing.
Get the Book
Overview Video
About the Authors
Joe Vest
Twitter: @joevest | LinkedIn: joe-vest
I have spent over 20 years in cybersecurity, with the last 15 years focused on offensive security operations. My philosophy is simple: "The threat gets a vote". If you build a defense without considering how an actual adversary operates, you are letting the threat make your security decisions for you.
James Tubberville
Twitter: @minis_io
James Tubberville has held a number of roles ranging from system and network administrator to Chief Information Security Officer during a 22+ year career. In addition to owning a successful security consulting company, James has built and managed security operations and testing programs for two Fortune 10 companies. James is a former member and lead for a NSA certified Red Team and has extensive experience in threat intelligence based security operations and testing.