Offensive Security
Red Team
An objective-driven adversary simulation that tests detection and response capabilities, not just controls. Distinguished from penetration testing by scope (campaign-level), objectives (crown jewels), and constraints (realistic adversary).
Red team engagements simulate the full attack campaign of a real adversary against a defined objective: reaching the customer database, persistent access to executive email, exfiltrating source code. Unlike penetration tests, which are scope-bounded and focus on identifying vulnerabilities, red teams operate under realistic constraints to test the entire defensive stack — controls, detection, response, and organisational resilience.
Red team engagements are most valuable for organisations with mature security programmes already validated by penetration testing, dedicated SOC capabilities to test, and high-value or regulated assets to protect. For organisations without these prerequisites, comprehensive penetration testing combined with tabletop incident response exercises is usually more cost-effective.
See: Red Team Operations.