Abstract
In cybersecurity, red teams emulate real threats and launch attack operations to assess an organization's security posture and provide experience to it's defenders. Although red team engagements share similarities with penetration testing and vulnerability scanning, they differ significantly in terms of goals and purpose. Moreover, just mimicking real threats does not make red teams APTs. This paper summarizes various academic and industrial views on the topic of cyber red teaming and aims at clarifying the common properties that differentiate it from other types of security assessments and real attackers. Based on evidence from case studies and various expert opinions, we have concluded that red teaming is a distinct type of security assessment, and that penetration tests are often mislabeled as red team engagements.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
