February 28, 2023

CISA Red Team Assessment

February 28, 2023

What we know so far

In 2022, CISA conducted a red team assessment for a large critical infrastructure organization. The red team successfully breached the organization's network, traversed multiple sites, and gained access to systems adjacent to sensitive business systems. Although the organization had a mature cyber posture, they failed to detect the red team's activities, highlighting the need for improved detection capabilities. CISA is releasing a Cybersecurity Advisory (CSA) that outlines the red team's tactics and key findings, offering proactive steps for network defenders to mitigate similar threats. The CSA emphasizes the importance of collecting and monitoring logs for unusual activity, as well as continuous testing and exercises to enhance an organization's security regardless of its cyber posture maturity.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories