Offensive and defensive security
- Compromising the target’s security by extracting information, infiltrating its systems or breaching its physical perimeters.
- Avoiding detection by the blue team. Many attacks occur over a fleeting period of time, making it extremely tricky for the blue team to neutralise the threat before the ‘damage’ is done.
- Exploiting bugs and weaknesses in the target’s infrastructure. This highlights gaps in the organisation’s technical security that require fixing, thus improving its security posture.
- Initiating hostile activity – including sophisticated penetration testing – giving a reliable assessment of the blue team’s defensive capabilities.