Security Testing

Red Teaming

A realistic, multi-vector adversary simulation that shows whether a determined attacker could reach what matters most — and whether anyone would notice.

A penetration test tells you whether individual systems are secure. Red teaming answers a harder question: if a skilled, motivated attacker targeted your organisation specifically, would they get in — and would your people and defences detect them before real damage was done?

Our red team exercises are realistic, multi-vector adversary simulations informed by OSINT. Before anything is attempted, our consultants gather and analyse the information about your organisation that is already publicly available — the same reconnaissance a real attacker would perform — and use it to shape attack paths that mirror genuine threat actors rather than a generic checklist.

What red teaming involves

Rather than testing one system exhaustively, the red team pursues agreed objectives — access to a critical system, a sensitive data store, a privileged account — combining vectors such as external infrastructure, applications and, where agreed, capabilities like breakout testing from virtual machines and containers. Exploitation is taken far enough to demonstrate real-world impact, always within signed rules of engagement and only where it is safe to do so.

The engagement runs through Sentry like every Blackfoot test: scoped via questionnaire and scoping call, findings recorded in real time, immediate notification of critical and high-severity issues, and your consultant available via Sentry messaging throughout. You finish with a board-ready executive summary, a detailed technical narrative of what was achieved and how, and a debrief that turns the exercise into a practical improvement plan.

Red teaming suits organisations that already test regularly and want to know how their prevention, detection and response perform against a realistic adversary. It is a powerful complement to scoped penetration testing, and the evidence it produces carries real weight with boards, regulators and cyber insurers. Exercises are shaped around your sector and threat profile, and can build on previous penetration testing or social engineering assessments for a genuinely joined-up view of your resilience.

What you get

Realistic adversary simulation

Multi-vector attacks modelled on how real threat actors would target your organisation, not a generic test plan.

OSINT-informed targeting

Reconnaissance of your public footprint shapes the attack paths, exactly as a genuine attacker would begin.

Objective-based testing

The exercise pursues the assets you care about most, so results map directly to business risk.

Demonstrated real impact

Safe, agreed exploitation shows what an attacker could actually achieve — evidence, not speculation.

Detection and response insight

See which attacks your controls and people caught, which they missed, and why.

Findings in real time

Critical and high-severity issues are flagged in Sentry during the exercise, not saved for the report.

How it works

  1. 01

    Scoping and agreement

    A questionnaire and scoping call define objectives, boundaries and rules of engagement. You receive a clear Statement of Work and a project in Sentry. Typically one to two weeks.

  2. 02

    Reconnaissance and preparation

    Consultants perform OSINT reconnaissance of your public footprint and design attack scenarios around your agreed objectives, with logistics and authorisation finalised before any activity.

  3. 03

    Adversary simulation

    The red team executes multi-vector attacks within the agreed window, recording findings in Sentry in real time and alerting you immediately to critical and high-severity issues.

  4. 04

    Reporting and debrief

    You receive an executive summary, a detailed attack narrative with evidence and remediation guidance, and a debrief session. Findings remain in Sentry for tracking and future comparison.

Frequently asked questions

Straight answers to what prospective clients ask us most.

How does red teaming differ from penetration testing?

A penetration test assesses defined systems in depth against a known scope. A red team exercise is objective-driven: it combines vectors and techniques to reach agreed targets the way a real attacker would, and tests your detection and response as much as your technical controls.

What are red, blue and purple teams?

The red team simulates the attacker, employing realistic techniques to breach defences covertly. The blue team is your defensive function, detecting and responding to the attack. Purple teaming brings the two together so the insights from red team activity directly improve your detection and response.

Will our staff know the exercise is happening?

Usually only a small, agreed group is aware, so the exercise genuinely tests day-to-day detection and response. Everything runs under signed rules of engagement and written authorisation, so the exercise is controlled even when it is covert.

Is red teaming safe for production systems?

Yes. Objectives, boundaries and prohibited actions are agreed in advance, exploitation is only taken as far as is safe and authorised, and you can reach your consultant through Sentry at any point during the engagement.

Ready to talk about red teaming?

Get a fixed-scope quote, usually the same working day.