In the presentation we will explain that traditional intrusion tests are not enough to face new trends of cybersecurity attack, both personalized and directed (Advanced Persistent Threat - APT). Simulations of real and controlled intrusions, of Red Team exercises; are necessary to put yourself in the skin of the attacker, reproducing all his steps before reaching the goal.
The session will develop the Red Team methodology in conducting audits on cybersecurity risks, from the preparation of the attack, the exploitation of vulnerabilities, the execution of malicious actions and the elimination of traces, as well as how these tests complete the traditional audits of Ethical Hacking. For this, we will have the case study of the implementation of a Red Team and the applicability of this new approach to audit cybersecurity controls in the internal audit plans of the Organization.
Technology Risk Partner