SANS SEC564 Red Team Operations and Threat Emulation
SANS SEC564: Red Team Operations and Threat Emulation
English | Size: 60.93 MB
Red Teaming is the process of using tactics, techniques, and procedures (TTPs) to emulate real-world threats to train and measure the effectiveness of the people, processes, and technology used to defend environments. Built on the fundamentals of penetration testing, Red Teaming uses a comprehensive approach to gain insight into an organization’s overall security to test its ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities significantly improve an organization’s security controls, help hone defensive capabilities, and measure the effectiveness of security operations.