Security News > 2020 > February > Randori Arms Red Teams With New Automated Attack Platform
Red teaming, especially continuous red teaming, is by far the most effective way of finding weaknesses in corporate infrastructures - but is phenomenally expensive and beyond the reach of all but the largest and most wealthy companies.
Hazzard and Wolpoff chose to develop a red team platform for everyone rather than a red team service for the wealthier companies.
"After the discovery, comes the attack phase. The discovery map is used by the customer to scope and authorize the red team attack."The customer can engage with the platform, and say, 'yes, these assets are mine and are in scope for attack'," continued Hazzard.
Two key aspects of the red team platform are it is continuous and continually improving.
"If the Randori platform is successful, it will challenge three existing cybersecurity products. Perimeter scanning is just a part of the service. It is done differently, from the viewpoint of an adversary, but the outcome is similar. Penetration testing and red team testing is performed cheaper and continuously." Spear-phish training is also within scope: "It's part of an attacker's armory, so of course it is in scope for us," commented Hazzard.