Red Teaming: Next Generation Penetration Testing

Mossé Security offers next-generation penetration testing (Red Team) services that simulate an attack on your IT network. We use the same techniques and tactics as cyber threats targeting your type of company, thus allowing for targeted allocation of security investments and a vastly improved defense system. Call or email us today to identify and fix your network’s vulnerabilities.

Overview

Mossé Security offers penetration testing services that simulate realistic attackers. We replicate the same techniques, tools, and tactics employed by attackers targeting our specific clients’ industry and company profile. As a result, we can offer security defenses tailored to the threats your company is most likely to face, as well as general attacks.

Download the brochure >

Red Teaming Methodology

Mossé Security follows a Red Teaming methodology aligned with industry best practices and frameworks (e.g. CORIE, TIBER, CBEST and iCAST):

Click on the diagram to open a larger version.

Pioneering Red Teaming Services in Australia

Mossé Security has been pioneering Red Teaming in Australia since 2015. Read the presentation that our CEO, Benjamin Mossé, delivered at the AISA National Conference.

Red Team Security Tools

Many organisations new to Red Teaming services inquire about the tools that Mossé Security uses.

The short answer is: it depends on the goals, complexity, length and budget of the mission.

Simple engagements may be delivered with open-source tools such as Metasploit, PoshC2, COVENANT, and in some cases the commercial tool Cobalt Strike.

However, more sophisticated engagements will require the development of custom tools heavily inspired by the Threat Intelligence requirements of the mission.

In those cases, Mossé Security reverse engineers the tradecraft of the Advanced Persistent Threats (APT) that we are engaged to simulate, and we re-implement their tools, tactics and techniques into a custom C2 framework that our team has been developing and maintaining since 2014.

Zero Day Attack

Yes, we have access to zero-days. No further information disclosed.

Our Certifications

Our team undertakes 2,000+ hours of pre-deployment training per year. Here are some of the certifications we hold and maintain:

Free Project Consultation, Scoping and Quote

Call us on 1300 730 035 or submit the form below