We're a team driven by the thrill of the hunt.
TENUMBRA provides high assurance Penetration Testing services of Networks, Applications, Mobile devices and Applications, IoT devices, as well as ICS/SCADA systems to help you identify the risks to your business. Using a combination of public domain and proprietary tools and techniques, our team will methodologically examine your applications, networks and systems. All types of exposures will be identified ranging from simple information gathering to exploitation. Effective countermeasures will be reviewed or developed in partnership with your team, providing a comprehensive picture of your posture and a plan for improvement. Our extensive experience conducting Vulnerability Research as well as Systems/Software development and Operations, allows us to delve into depths not measured by standard techniques and approaches.
The TENUMBRA Red Team Operations service draws on our decades of experience Red Teaming and working with client's Red and Blue Teams to either test your organization's response processes or demonstrate specific issues to management. Typically combined with social engineering activities, our attack simulation will conduct various forms of reconnaissance, keeping below your Incident Response team's detection level, to identify possible attack vectors into your organization. These attack scenarios are then built and ranked using a combination of factors such as risk of detection, anticipated privileges and logical position in the organization and probability of success. A number of these scenarios will then be selected according to their ranking, technology built or adapted and then each selected scenario executed in turn. The results as well as any evidence of detection throughout the entire process are recorded and then used as discussion points during the debriefing with your Incident Response team. A final report will highlight the issues found during the process, the responses to our attack attempts and any attempts to detect or block our activities.
TENUMBRA offers dynamic Red Team versus Blue Team as well as Purple Team Exercises drawing on our decades of experience Red Teaming and working with client's Red and Blue Teams. The environment is developed to your specifications to mimic critical aspects of networks, servers, applications, users and devices within your industry and attack paths are designed to provide your Blue Team members with a variety of challenges that are representative of a real world environment. Different types of attackers specific to your industry can also be simulated to provide your team with realistic learning opportunities. TENUMBRA will design, build, host and run the event, including providing training and regular debriefs throughout and at the end of the event to provide feedback and opportunities for your Blue Team members to learn at different milestones in the attacks. Moreover, we can provide training to the Blue Team to help them prepare for the event as well as a final day debrief on the entire attack path as a refresher, to prepare them for using their new skills in your operational environment. Exercises are run on in-house developed exercise platform software as well as using a combination of open source and custom TENUMBRA developed software implants and attack tools.