TIBER – Threat Intelligence Based Ethical Red teaming
Pen Test Partners are the preferred supplier of security assurance to a number of tier-1 retail banks in the UK, and a multitude of financial institutions globally. Pen Test Partners have extensive experience of delivering market-leading, best-in-class Red Team Simulated Attacks for many multi-national organisations including many tier-1 banks.
We are a member of the prestigious CBEST group that are mandated by the Bank of England to conduct Red Team Simulated Attacks against tier-1 high street banks as part of their regulatory imperative.
The Power of 2
Pen Test Partners and Security Alliance, both specialists in their own cyber security disciplines, have operated in close partnership for a number of years and on any given day are delivering multiple joint projects, including TIBER assessments, for the benefit of our joint customers. Both organisations are relentlessly customer focused and highly specialised in their own areas of expertise; penetration testing and cyber threat intelligence.
When working jointly on regulator-driven engagements, our ethos is: Customer First, meaning that our primary focus is delivering a smooth running project, with minimum disruption and maximum positive impact on security resilience for you.
Our experience together, delivering TIBER and other regulated intelligence-led Red Team Assessments has taught us that joint engagement and strong communication from the initiation phase of the project through to the final project review delivers maximum client value from a security perspective, and minimum cost and disruption to the customer. We deliver the very best successful security outcomes, while minimising customer resource and cost overheads.
Additionally, strong and continuous communication between your TIBER project team and us, the service providers, will ensure that the relevant project stakeholders are fully informed throughout the project, to minimise surprises and ensure that your project objectives are successfully met.
Our reporting reveals all of the exploitable information and intelligence we recover on your digital footprint, and outlines the potential risks and consequences associated with these findings. This document is predominately created for 2 purposes.
- to support the red team in their targeting of an asset, function or organisation.
- to enable the client to identify all of the targetable data being used against them, in order to reduce the number of attack vectors against them
As a high level summary the report covers the following areas:
- Credentials: Employee credentials that have been exposed on the internet.
- Domains: Fake/typo-squatted domains that may be used for malicious purposes.
- Technical Reconnaissance: Findings that may indicate potentially vulnerable and / or exploitable systems, processes and technology associated with your digital footprint.
- Malware: Evidence of malware campaigns specifically targeting you, including Botnet activity.
- Dark Web: Findings from Dark Web research that may indicate past, current and future malicious activity against you.
- Fake Social Media: Findings pertaining to likely fake social media that can be used to target the organisation, its clients, employees or supply chain.
- Disclosure: Targetable information that has been posted or leaked by employees or third parties. This includes leaked source code.
- Additional Targeting Data: Targetable data not included in the above sections such as bug-bounty listings.