During a red teaming engagement, highly trained offensive security professionals model and emulate attack scenarios to identify potential weaknesses in people, processes and technology. We identify those weaknesses and test the security controls in place around them.

Visualisation of the current state and maturity level of information security and cyber security helps link the technical and business perspectives, enables the presentation of complex information in a simplified form, and provides management with good input for managing strategic changes.

Our red teaming engagements can be customised based on the needs and intelligently scoped to provide maximum value for our clients.

Alternative options to package our red teaming services include scenarios like assumed breach and purple teaming, where the blue and red teams work together collaboratively and the red team trains the blue team to help them detect various attacks.

A typical assumed breach engagement takes about 30 days.

The red teaming service consists of four phases:

Initiation phase

During the initiation phase, the scope of the engagement is established and communication channels are identified along with parameters of the engagement.

Intelligence phase

The intelligence phase consists of collection of threat intelligence, development of threat scenarios, resource development and attack modelling.

Penetration phase

The penetration phase is where the adversary simulations are executed with careful and constant communications with the client. Each attack step is communicated and documented during execution. Detection and response capabilities are assessed.

Closure phase

In the closure phase, an intelligence, detection and response report is produced, a remediation plan is finalised and the client’s stakeholders are debriefed.

Output for the client

Output of the red teaming service:

  • red team reveal
  • intelligence, detection and response report
  • purple teaming (optional)
During a red team reveal, we will present the findings from the engagement, describe our methodologies and the kill chain followed as well as provide an analysis on the client’s detection and response capabilities observed during the engagement. Reporting is critical to understanding the value you receive from a red team engagement. We aspire to be the best in the industry with our reporting. Each report is customised to the specific scope of the engagement and outlines threat intelligence discovered, attack execution details and detection results.

Our reports are designed to be easily digestible by various audiences but complete in the findings, highlighting both the exploitation likelihood and potential impact for each vulnerability. In addition, a customised remediation strategy is identified for mitigation of the associated risks.

Turn threats into opportunities

Provide a safe and sustainable business environment for your company. We help build a resilient and reliable digital landscape, even in the face of changing threats.

KPMG Baltics OÜ

+372 626 8700
cyber@kpmg.ee
Ahtri 4, 10151 Tallinn, Estonia
 ${item.title}
KPMG Baltics KPMG Global Privaatsuspoliitika
 KPMG IT Audit
Email again:

Analysis of employee awareness

Analysis of employee awareness focuses on mapping the skills and increasing the competencies of the weakest link in cyber security: the users, the employees.
Email again:

Threat assessment

Threat assessment is a tactical and technical service that allows a company to get a quick overview of external threats.
Email again:

Maturity assessment

Maturity assessment helps plan IT investments and design further steps to mitigate vulnerabilities and ensure better security.
Email again: