The Red Team industry is very niche and frankly, there aren’t many simple Red Team frameworks. From a technical standpoint, and from a general capabilities standpoint, there are a few guides but they all are fairly in-depth, wordy, and difficult to get the interesting bits from.
For the past several years, I have been documenting, taking notes, and generally just considering how I think a good Red Team would operate. This ended up in a notebook with a bunch of jumbled thoughts.
This started with a traditional little maturity pyramid but eventually grew. As this progressed, it became apparent that Maturity Models are not dictators of success. There is so much more at play and those will depend on your organization, your leaders, and basically everything. The current state is a matrix and a companion post. This is sure to adapt and evolve with the Red Team industry.
“The more that you read, the more things you will know, the more that you learn, the more places you will go” - Dr. Seuss
I ended up with various Red Team resources, these include PDF’s, infographs, books and blog posts. I placed these in a different GH repo since they don’t fit into the Maturity Model.
You can contact me on Twitter or by email at [email protected]
This work is licensed under a Creative Commons Attribution 4.0 International License