What can a Penetration Tester gain from entering the mindset of an Advanced Persistent Threat (APT)? Isn’t this what a Red Team is for? Imagine being able to connect your penetration testing actions with those of known APTs. Embrace your ability to help your client determine if their defenses are effective against potential APTs.
Traditional penetration testing is a valuable asset to any organization. As Penetration Testers, it is our job to express how a weakness can affect an organization’s security posture. By going a step further and performing a Red Team engagement, an organization gets a solid understanding of how its security posture holds up against a simulated adversary. We know that these types of engagements are quite different in nature, but when it comes to penetration testing, what if we could put a new spin on our actions and reporting? Now imagine that you’re conducting a penetration test and you utilize a covert method for persistence. After doing some research on ways to better maintain this persistence, you discover that APT29 (an Advanced Persistent Threat) actually uses this very TTP (Tactic, Technique, and Procedure). Whether or not the organization’s security team is able to respond accordingly, you can now provide a valuable piece of information to your client. Connecting your penetration testing actions to known APT TTPs can really help improve the security posture of your client. If your client is in an industry targeted by APT29, then not only did you help determine their security posture, but you may have just saved them from being an easy win for the adversary. By detailing your client’s response to the actions taken, you’ll be able to help them determine if their defenses are adequate to defend against potential APTs. My goal is to help you blend traditional penetration testing methodologies with Red Team tactics in order to become a more effective Offensive Security Professional.