Traditional security methodologies have largely been focused on prevention, aimed at eliminating vulnerabilities and thereby mitigating security breaches before they happen. Security prevention strategies and technologies are important but cannot guarantee safety from every attack. Given today’s dynamic threat landscape, it is vital to acknowledge that a breach has either already occurred or that it’s only a matter of time until it will. Red Team activities deliver end-to-end breach simulations that provide, as realistically as possible, security incidents that prepare those involved with dealing with actual breaches. The Red Team SIG provides a forum for practitioners to discuss the state of the art for tools, technologies, processes and methodologies for red team activities and to share experiences and best practices.
We have the following goals: