As you can see, identity plays a big role in how hackers gain access to the system and execute their mission, which in most cases is to access privileged data or hijack that data. The Red Team must be aware of all these risks, and how to exploit them during the attack exercise. For this reason, it is important to establish a plan of attack before we start acting. This plan should take into consideration the current threat landscape, which includes three stages:
During Stage 1, the Red Team will study the different adversaries that the company has. In other words, who can potentially attack us? The first step to answer this question is to perform a self-assessment and understand what type of information the company has, and who would benefit from obtaining it. You might not be able to map all adversaries, but at least you will...