Course OutlineModule 1: Penetration Testing vs. Red Teaming
We begin the class by explaining what Red Teaming is. This is best done by comparing it to Penetration Testing and explaining what the differences between the two are. Differences in:
Module 2: The Professional Red Teamer
Once the student understands what Red Teaming is, when then explain what is expected of a Red Teamer.
Finding and exploiting vulnerabilities, or using malware, only represent a small portion of what Red Teamers do on a day-to-day basis. Upon completing this module, you will know exactly what your role and mandate consist of, what skills you need to develop and hone, and what career outcomes to expect.
Module 3: Designing Red Team Operations
Unlike penetration testing, Red Teaming methodologies are scarce because operations and missions can greatly vary between one another. The goal of Red Teaming isn’t to perform the same attacks in the same ways all the time. Instead Red Teamers aim to challenge the way organizations think about their cyber defence and illuminate improperly managed cyber risks. This is done by doing things more or less differently each time.
Instead of thinking of Red Teaming as a standard methodology with steps and checklists, one must approach it as a structured brainstorming exercises that gets executed on the network in parts or in full.
In this module, we teach you the structured analytics techniques to invent, design, and propose an unlimited number of Red Team Operations.
Module 4: Attacking Windows Systems
In this module we explain the Kill Chain model for Red Team Operations against Windows networks.
This module is supplemented with online exercises to build practical experience.
Module 5: Writing a Proposal
In this module, we impart a simple formula and structure to prepare Red Teaming proposals that win work.
Module 6: Writing a Report
The advice that you provide in your report is what the customer is paying for. Hence, your reports must be top-notch. In this module, we share our experience writing hundreds of reports that have delighted customers. Some of the subjects covered include:
Module 7: Interviewing for Red Team Roles
- Report structure
- How to write the Executive Summary
- How to translate technical risks into business risks
- How to structure findings
- How to explain what you’ve done in a way that allows non-technical stakeholders to make decisions
- Security recommendations and advice
Finally, we end the course by sharing advice on how to apply and get hired as a Red Teamer:
How to select an organization in line with your values and where you want your career to grow
How to apply for a junior Red Teamer role in a way that they’ll be more likely to say “yes”
What you should include in your CV and application letter
The right attitude to have during the interview
Questions that you should ask them to confirm that the Company culture is right for you
We will also impart some guidance on how to work effectively with recruiters to maximize your chances of landing a job with the right organisation for you.