IOActive, the provider of research-driven security services, has expanded its Red and Purple Team Practice to further strengthen its customers’ security posture and incident response capabilities through realistic adversarial emulation. The Red and Purple Team expansion is being led by longtime intrusion and forensics specialist John H. Sawyer.
IOActive’s Red Teams leverage their attacker’s perspective to comprehensively simulate the specific threats an organization faces to test the effectiveness of their security defenses. Team members infiltrate digital assets, networks and human resources to determine the risks and vulnerabilities in an organization’s IT and human assets with the goal of helping clients secure their most valued assets. To complement this, the firm’s Purple Teams collaborate with and train the customer’s Blue Teams throughout the attack process.
To spearhead the roll out of these enhanced services, John H. Sawyer has joined IOActive as Associate Director of Red Team Services. Sawyer previously served as a Senior Managing Consultant at InGuardians Inc., where he helped build a Red Team offering and specialized in penetration testing, intrusion analysis, and incident response for the last seven years. Previously, Sawyer was a member of a two-time winning team at DEF CON’s “Capture the Flag” competition, where teams battle to defend a server while exploiting the servers of their opponents. He was also the technical lead of the Office of Information Security and Compliance at the University of Florida for over a decade and founded the Florida Student Infosec Team and SwampSec.
“To protect against sophisticated attacks and an ever evolving threatscape, an organization must focus on the effectiveness of their security teams and programs. Understanding the attacker’s perspective and preparing your team to fight real world adversaries is mission critical and is the ultimate goal of our red and purple team services,” said Jennifer Sunshine Steffens, CEO of IOActive. “We are thrilled to have John join IOActive to continue developing new services throughout the practice. His broad experience and revolutionary approach make him an ideal addition to our global team.”
“IOActive’s deep technical roots, strong focus on research, and global reach are part of what drew to me to the team. The industry is just scratching the surface of what can be done with red teaming and I’m excited to be part of a mission to truly expand these offerings and ensure the best possible defense for our clients,” said Sawyer. “If your organization has gone through risk assessments, penetration tests and has an incident response plan in place, the next logical step is testing the plan and controls against an adversary’s tactics, techniques and procedures to see if it’s as good as you think it is. By closely collaborating with an organization’s blue team, we feel confident that our clients will be much more prepared to fend off determined attackers when they strike.”
IOActive’s Red Team strategically employs every technique at their disposal – including emulating real threat actors a company faces, performing social engineering attacks and gaining access to the physical premises – to determine an organization’s true security posture and incident response capabilities. In addition to assessing an organization’s blue team capability, these engagements focus on identifying cybersecurity or operational-resiliency deficiencies that may produce a high-impact operational or business event.
Ultimately, the team answers the questions: “How well do your company’s security controls and processes withstand a real attack, recover and respond to it? How resilient are your company’s operations against a multi-vector cybersecurity attack?”