Naslov
Red Teams - Pentesters, APTs, or Neither

Autori
Kovačević, Ivan ; Groš, Stjepan

Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni

Skup
43nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO 2020)

Mjesto i datum
Opatija, Hrvatska, 28.09.2020. - 02.10.2020

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
cybersecurity, red teaming, penetration testing, security assessment, advanced persistent threat

Sažetak
In cybersecurity, red teams emulate real threats and launch attack operations to assess an organization’s security posture and provide experience to it’s defenders. Although red team engagements share similarities with penetration testing and vulnerability scanning, they differ significantly in terms of goals and purpose. Moreover, just mimicking real threats does not make red teams APTs. This paper summarizes various academic and industrial views on the topic of cyber red teaming and aims at clarifying the common properties that differentiate it from other types of security assessments and real attackers. Based on evidence from case studies and various expert opinions, we have concluded that red teaming is a distinct type of security assessment, and that penetration tests are often mislabeled as red team engagements.

Izvorni jezik
Engleski

Znanstvena područja
Računarstvo

POVEZANOST RADA