Red Team Assessments

Test your security against real-world attacks without the risks of negative headlines

You’ve invested in your cyber-security program, but do you know how well it performs under pressure? FireEye Mandiant tests your program's capabilities against real-world attack scenarios, helping improve your security posture.


Red Team Assessment Overview


Test your security program against real-world attacks

Experience attack objectives that expose your organization to worst-case business scenarios – both in the cloud and on-premise.


Gain experience combatting real-world cyber attacks

Emulate tactics, techniques, and procedures (TTPs) seen in actual incident response engagements.


Identify and mitigate complex security vulnerabilities

Receive a comprehensive report detailing all security vulnerabilities identified during the assessment, with remediation recommendations.

Texture Top Right Red 04

Mandiant Red Team Assessment Features

Real-world attack scenarios

Real-world attack scenarios

Methodology uses realistic attack scenarios using tactics, techniques, and procedures seen in real-world attacks.

Customizable objectives

Customizable objectives

Tailored engagements to meet organizational needs, with objectives based on the most relevant risks to your organization.

Sample objectives:
• Obtain access to PCI data
• Obtain access to personally identifiable information (PII)
• Obtain access to trade secrets

Industry expertise

Industry expertise

Consultants experienced with critical infrastructure sectors – including energy, healthcare, and telecommunication providers.



Detailed, concise reports with actionable recommendations to aid in remediating identified issues post-engagement.

Our Methodology

The FireEye Mandiant Red Team relies on a systematic, repeatable and reproducible methodology. We begin by establishing the following core information and rules of engagement, agreed upon in collaboration with the organization’s leadership team:

  • Does the red team begin its effort with information about your environment (white box) or with no information at all (black box)?
  • What intelligence does Mandiant already have about high-risk assets and vulnerabilities in your industry?
  • What objectives do you want the red team to accomplish in simulating a real-world attack?

Once the objectives are set, the red team starts by conducting initial reconnaissance. Mandiant leverages a combination of proprietary intelligence repositories as well as open-source intelligence (OSINT) tools and techniques to perform reconnaissance of the target environment.

Mandiant attempts to gain initial access to the target environment by exploiting vulnerabilities or conducting a social engineering attack, and leverages techniques used by real-world attackers to gain privileged access to these systems.

Once access is gained, the red team attempts to escalate privileges to establish and maintain persistence within the environment by deploying a command and control infrastructure, just like an attacker would.

After persistence and command and control systems are established within the environment, the red team attempts to accomplish its objectives through any non-disruptive means necessary.

FireEye Mandiant Attack Lifecycle

Each engagement follows the phases of the attack lifecycle.
The use of real-world attacker TTPs tests your organization’s readiness and responsiveness to cyber attacks.

Red Team Cyber Security Assessments at a Glance

We help you:

  • Test your security team’s effectiveness in dealing with a cyber attack
  • Train your team to better respond to future cyber attacks
  • Determine the level of effort required to compromise your sensitive data or IT infrastructure
  • Identify and mitigate complex security vulnerabilities before an attacker exploits them
  • Receive fact-based risk analysis and recommendations for improvement

What you get:

  • A high-level executive summary of the Red Team Assessment, catering towards executives and senior-level management
  • A detailed report describing actions taken during the assessment, as well as a report of all found vulnerabilities
  • Fact-based risk analysis detailing the relevance of each vulnerability with respect to your environment, as well as techniques to validate said vulnerabilities
  • Strategic recommendations for longer-term improvement

Related resources

Ready to get started?

Our security experts are standing by to help you with an incident or answer questions about consulting services.

+1 888-227-2721 +61 281034308 +32 28962867 +1 877-347-3393 +971 45501444 +358 942451151 +33 170612726 +49 35185034500 +852 3975-1882 +91 80 6671 1566 +353 (0)216019160 +39 0294750535 +81 3 4577 4401 +03 77248276 +52 5585268207 +31 207941289 +64 32880234 +48 223072296 +7 4954658084 +65 31585101 +27 105008408 +82 7076860238 +34 932203202 +94 788155851 +46 853520870 +886 2-5551-1268 +27873392 +44 2036087538 +842444581914