CSA Images via Getty Images
Red teaming, the practice of actively researching and exploiting vulnerabilities in systems to help find and fix gaps in their security, has long been the realm of high-paid security consulting firms with hands-on-keyboard (and occasionally, with full penetration testing, hands-on-lockpick engagements, and not something most companies can afford to do regularly. Large organizations and software firms with a business imperative to keep their systems secure have specified internal red teams, but smaller organizations that need red teams for things like getting credit card compliance certification or checking the security of other financial systems often rely on hit-and -run engagements with outside specialists.
There have been other efforts to streamline and automate components of red teaming to make it a more regular part of companies’ security programs. For example, Scythe , a firm that spun out of the security research company Grimm , has focused on providing attack simulation as a service — allowing a company to test the mettle of its “blue team” defenders and users by running modular “attacks” that mimic the techniques of known threat groups, while creating a marketplace for security testing modules. And other companies, such as Pwnie Express , have used passive and “offensive” security tools to scan and audit networks for potential attack vectors.
Randori takes the red-teaming mission several steps further. Instead of running simulations of attacks based on known threats, Randori Attack runs real, novel attacks based on emerging vulnerabilities — much like a human red team would. Founded by CEO Brian Hazzard (formerly of Carbon Black) and CTO David “Moose” Wolpoff (a reverse-engineering and red-teaming veteran of the specialist security firm Kyrus Tech), Randori’s “flagship” service is the Attack Platform — a cloud- based system that, when combined with Randori’s Internet-based reconnaissance system, will constantly discover and attempt to exploit a customer company system, playing the role of what Hazzard describes as “trusted adversary.”