Red Teaming

In today's global landscape of APT (Advanced Persistent Threat) offense and defense, many types of attacks have emerged that traditional security defenses do not constrain, and traditional defense systems have been unable to solve real security problems. Because of the financial attributes of the blockchain (especially the digital currency industry), stolen tokens are difficult to trace in the absence of government regulation. The digital currency industry is at an early stage of development: its business is growing rapidly while the construction of its security systems lags behind. Given this situation, an APT attack is a "dimension reduction attack" against the industry. Only an offensive and defensive assessment conducted at the same level of thinking as a real attacker can give the most comprehensive understanding of an enterprise's real security situation. Red Teaming is therefore not limited to traditional penetration testing; it focuses more on attack assessments against real vulnerabilities such as enterprise personnel, enterprise business systems, enterprise supply chains, enterprise office systems, and enterprise physical security. Based on the evaluation results and the users' actual security requirements, we provide the optimal gradient security defense solution and prioritize protecting the vulnerable core nodes, effectively increasing the attacker's cost.

Processing Flow

Service Content

SlowMist and Joinsec set up InMist Lab to jointly launch the Red Teaming business for the digital currency industry. The main contents of Red Teaming are open source intelligence gathering, remote attack testing, proximity attack testing, personnel attack testing, and supply chain attack risk assessment. The core goal of Red Teaming is to capture the sensitive permissions and data of the target company from the perspective of an APT attacker, and to use this to assess the probability of token theft.

| Number | Item | Subclass |
|---|---|---|
| 1 | Open Source Intelligence Gathering | Enterprise asset open source intelligence gathering |
| | | Enterprise personnel open source intelligence gathering |
| 2 | Remote Attack Test | Remote exploit test |
| | | Production network intranet attack test |
| | | Office network intranet attack test |
| | | Trojan horse implant test for related services |
| 3 | Proximity Attack Test | Office space intrusion test |
| | | Office network intrusion test |
| | | Trojan horse implant test for office computer |
| 4 | Personnel Attack Test | Enterprise personnel safety awareness test |
| | | Enterprise personnel authority attack test |
| 5 | Supply Chain Attack Risk Assessment | Office network equipment risk assessment |
| | | Architecture technology selection risk assessment |
| | | Software risk assessment used in the R&D process |
| | | Software risk assessment used in the operation and maintenance process |
| | | Cloud platform risk assessment |
| | | Risk assessment of third-party online services |
| | | Third-party link risk assessment for the web front end |

Service Package

| Package | Items | Work Period |
|---|---|---|
| Basic Pack | Open Source Intelligence Gathering | 15 working days |
| | Remote Attack Test | |
| | Supply Chain Attack Risk Assessment | |
| Advanced Pack | Open Source Intelligence Gathering | 20 working days |
| | Remote Attack Test | |
| | Proximity Attack Test | |
| | Personnel Attack Test | |
| | Supply Chain Attack Risk Assessment | |
| Expansion Pack | Open Source Intelligence Gathering | 6 months |
| | Remote Attack Test | |
| | Proximity Attack Test | |
| | Personnel Attack Test | |
| | Supply Chain Attack Risk Assessment | |
| | Other Special Requirements that are Reasonable and Legal | |

InMist Lab is a high-level security laboratory jointly built on the combined research and engineering capabilities of the SlowMist Technology team and the Joinsec team. It aims to better support external enterprise demand and regulatory direction and to provide key high-quality technical capabilities, including Blockchain Threat Intelligence (BTI) and Red Teaming.