Red Teaming (RTO)

Super Security offers adversary simulation services such as Red Teaming


Red teaming is different than Penetration Testing in a sense that it simulates real attackers who may target your organization. In Red Teaming, Super Security will emulate a real Advanced Persistence Threat (APT) actor’s tactics, techniques, and procedures (TTPs) against your people, processes, and technologies.

Super Security Offers the following types of Red Teaming, which you can choose from based on your need:

Assumed Breach

In the Assumed Breach RTO approach, Super Security is given an access to your network either through a VPN, internal, or payload delivery that gets executed by you. Since a real attacker doesn’t have a specific time for the assessment, this approach will help decrease the time of the assessment dramatically as it will give the consultants an initial entry to your infrastructure. After gaining the initial access, the consultants will try to reach the final objective that was agreed upon between Super Security and your organization.

No Access

In the No Access RTO approach, Super Security is acting like a normal attacker who doesn’t have any access to the network. Super Security consultants will try to gain initial entry by any means necessary, which can include physical access, social engineering, attacking exposing services, and via threat hunting activities. After gaining the initial access, the consultants will try to reach the final objective that was agreed upon between Super Security and your organization. Note that if the initial entry wasn’t achieved, Super Security usually recommends changing the engagement to an Assumed Breach approach.