Chapter 3: Measuring an Offensive Security Program
Little literature can be found that discusses or provides ideas on how to measure the effectiveness of a red team or an offensive security program. Management teams tend to want easy solutions to difficult problems.
When people ask for best practices to be used to measure security, especially red teaming and pen testing, I just smile and think that blindly applying someone else's idea to a seemingly similar problem without considering the unique context and conditions they operate under might result in suboptimal solutions. But I'm a red teamer and that's how we think. We challenge everything.
This chapter covers ideas for measuring an offensive security program and what has worked for me in ...
Get Cybersecurity Attacks – Red Team Strategies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
