GuidePoint Security Announces New Open Source Tool that Facilitates Red Teaming Exercises
RedCommander Automates the Buildout of Red Teaming Infrastructure
HERNDON, VA – September 2, 2020 – GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the release of a new open source tool that enables red teams to easily build out the necessary infrastructure. This open source tool, RedCommander, solves a major challenge for red teams around the installation and operationalization of infrastructure by combining automation scripts and other tools into a deployable package.
RedCommander is a series of Ansible Playbooks that automate the tedious tasks required to stand up covert command and control channels during a Red Team exercise. The open source tool is intended to be a stepping stone for more advanced configurations during red team assessments. Once an operator spins up several servers and configures redirectors, they can leverage RedCommander to modify and monitor their command and control servers for Blue Team investigations by way of RedELK. The result provides the operator with a full-spectrum overview of a Red Team exercise while simultaneously centralizing logs for Indicators of Compromise (IOC) analysis.
“Exercising defensive responses is a crucial security practice for any organization,” says Alex Williams, the creator of RedCommander and a senior consultant in the GuidePoint Security Threat & Attack Simulation practice. “RedCommander makes it easier for red teams to deploy their infrastructure in a more customized fashion, giving them a true infrastructure for success.”
GuidePoint’s Threat & Attack Simulation (TAS) practice is staffed by highly certified professionals who are technically adept and possess a diverse set of collective skills that ensure the most effective security assessments. Members of the GuidePoint Security TAS team continuously pursue training and learn new tactics, techniques, and procedures to ensure that the assessments performed represent a modern attacker. Cultivating this expertise enables the team to deliver red team and penetration testing services to prioritize risks and assess a customer’s defenses against even the most bleeding-edge attack vectors.
To access RedCommander and for additional information, view the GitHub repository:
https://github.com/GuidePointSecurity/RedCommander
Additional Resources:
- Overview of GuidePoint’s Threat & Attack Simulation practice
- Whitepaper on Which Pentest is Right for Your Organization
About GuidePoint Security
GuidePoint Security provides trusted cybersecurity expertise, solutions and services to help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.