You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Test Maturity Model integration (TMMi ®)and red teaming

Most likely, you will be familiar with, or have at least heard of, the Capability Maturity Model (CMM®) from Carnegie Mellon. The TMMi®, developed by the TMMi Foundation, explores and defines a framework for measuring test maturity and process improvements. More information can be found at https://www.tmmi.org.

It is based on the CMM® from Carnegie Mellon University, which defines maturity stages for software testing. In this section, we will explore how this framework can be used when it comes to offensive security testing and red teaming. We will put the five levels of maturity, as defined by TMMi®, into a penetration testing context next.

This is an experimental idea to help frame and allow discussions on how you could measure the maturity of your internal penetration test team. Throughout my career, I have been fascinated with quality assurance and testing, especially security testing. What...