Red Teams - Pentesters, APTs, or Neither (CROSBI ID 695776)
Prilog sa skupa u zborniku | izvorni znanstveni rad | međunarodna recenzija
Podaci o odgovornosti
Kovačević, Ivan ; Groš, Stjepan
engleski
Red Teams - Pentesters, APTs, or Neither
In cybersecurity, red teams emulate real threats and launch attack operations to assess an organization’s security posture and provide experience to it’s defenders. Although red team engagements share similarities with penetration testing and vulnerability scanning, they differ significantly in terms of goals and purpose. Moreover, just mimicking real threats does not make red teams APTs. This paper summarizes various academic and industrial views on the topic of cyber red teaming and aims at clarifying the common properties that differentiate it from other types of security assessments and real attackers. Based on evidence from case studies and various expert opinions, we have concluded that red teaming is a distinct type of security assessment, and that penetration tests are often mislabeled as red team engagements.
cybersecurity, red teaming, penetration testing, security assessment, advanced persistent threat
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
1499-1506.
2020.
objavljeno
Podaci o matičnoj publikaciji
Skala, Karolj
1847-3938
1847-3946
Podaci o skupu
MIPRO 2020
predavanje
28.09.2020-02.10.2020
Opatija, Hrvatska