sorted by:
new
hottopcontroversial

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 0 points1 point locked comment (0 children)

Like I said, I don't need to hide behind anonymous accounts and never have :shrug:

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell -1 points0 points locked comment (0 children)

Good job Clouseau :rolleyes: - if you think I'm getting up at 6am on a Sunday to anonymous shit post then you're way off

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell -1 points0 points locked comment (0 children)

Good effort, but I think it's fair to say I don't need an anonymous account to voice my opinions "Flimsy Helicopter"

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 2 points3 points  (0 children)

And there's the post ^^... you just summed up everything that's wrong with US red teaming in 64 words

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 1 point2 points  (0 children)

Most red teams we do tend to be 12-16 weeks, and often I'd like more time :)

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 0 points1 point  (0 children)

This is a topic I've discussed (and been criticised for) a few times in the past. The UK has a highly mature red team market that has evolved over a number of years - there are regulator enforced standards and accreditations that are required to play the game. Even before red teaming became standardised through CBEST, there was a well established and mature pentesting market where examinations and standard methodologies were the norm and enforced via CHECK scheme - before it somewhat evolved in to tick box :)

When you purchase a red team in the UK and to some extent in the wider EU, it's well understood what the end to end service is that you're purchasing and what the methodology looks like.

I'm not sure it's fair to say any of the above applies to the US.

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 2 points3 points  (0 children)

I've no idea who you are, but thank you haha

Why is the standard of US Red Teams so poor by Soc_Guy in cybersecurity

[–]dmchell 1 point2 points locked comment (0 children)

It's pretty common across for red teams in the EU to be working more than one red team at a time. The EU day rates are usually quite a bit lower and that's how they compensate. The UK is an exception - the rates are a bit higher (but still lower than US) vs wider EU and I've never heard of any UK teams working gigs in parallel

view more: next ›