What is the difference between a penetration test and a red team?
A penetration test finds and proves as many vulnerabilities as it can in a defined scope and a set time. A red team is goal-based and much quieter: we agree a real objective, such as access to a specific system or dataset, and take whatever route gets us there, digital, human or physical, while testing whether your team notices. A pen test measures how exposed a system is; a red team measures how well your whole organisation prevents, detects and responds to a real attack.
Do you search for our leaked and breached data and credentials?
Yes. During the intelligence phase we search public and breach datasets for your exposed credentials, documents and other data, the same sources a real attacker would use. Reused and leaked passwords are still one of the most common ways in, so we check what is already out there about your organisation and your people.
Will you test whether our team detects the attack?
Yes, and that is a big part of the value. We work as quietly as a real attacker and record what we did and when, so afterwards you can line it up against what your tools and your team actually saw. The debrief shows exactly where you detected us, where you missed us, and how to close those gaps.
Do you use real malware, and is it safe?
We use the same techniques a real attacker would, with custom tooling where it is needed, but always safely and under agreed rules. We do not use destructive payloads or anything that risks your data or your uptime, we agree in advance what is in and out of bounds, and everything is logged so it can be reviewed and unwound.
What is an assumed-breach engagement?
Assumed breach means we start from a foothold you give us, such as a standard user account or a machine on your network, rather than spending days getting in. It is efficient: it puts the time into what a capable attacker does after the first foothold, which is usually where the real damage happens.
How long does a red team engagement take?
Longer than a standard test, because stealth and intelligence take time. A focused engagement runs over a few weeks; a broader one longer. We scope it with you around your objective and your budget on a free call, and agree the length and intensity up front.