Red teaming exercises are increasingly in demand as organizations shift their attention towards understanding cybersecurity risks. Tools like Cyver Core allow you to manage those exercises in an environment built around the needs of cybersecurity project management, manage clients and assets, and then seamlessly generate reports based on project data and details.
Build Your Red Team Report Template
Either use our basic red team report template or build your own, complete with your own sections for methodology, tooling, frameworks, and attack chains to showcase exactly how the exercise was carried out.
Our basic report and project runbook is structured around Cyber Kill Chain, with sections for methodology, the MITRE Attack Framework, and with everything you need to share the full attack narrative. The template itself imports findings based on how you label them during import, so you can build scenario sections into your report and then automatically import findings into the appropriate section.
And, of course, after generating the report, you’ll be able to edit it to add all of the custom details you want.
Set up your findings library with data including standard methodology, standard recommendations to fix, MITRE Attack Framework data, and anything else you want. Then, when you import findings to the platform, you can automatically add that data and then quickly edit it or tweak it to only show the information you need.
In addition, with features like merge, you can quickly merge all findings from all your tooling and only share each vulnerability once. You can also share the same finding with instances across different assets, so clients can see the full scope of a finding from one ticket.
The first step to running a red team exercise is to onboard your clients into the portal. They can set up the rules of engagement and goals as part of their project scope, set deadlines and timelines, and share everything else you need to get started in the portal.
Create Project Templates
Once your client is in the portal, you can get started with a project template. Here, you can use our existing red team project template. This setting uses findings without CVSS and criticality ratings. Instead, findings are linked to the MITRE Attack Framework and scenario/tool data. You can also change those settings or create your own.
From there, you can add project checklists and workflows or runbooks. Our base, Cyber Kill Chain checklist, adds tasks and steps to all 7 stages of the cyber kill chain. When you add red teamers to the pentest template, they will automatically be assigned those tasks on project launch. In addition, the client can see the stages and checklists (if you choose) so they can keep track of progress status and progress.
Finally, you can link methodology (we have the MITRE Attack Framework integrated) and the red team report. Once you start the project, everything is there, with assigned tasks, automatic notifications as you upload findings, and workflow steps built around red teaming.
Dashboards and Insights that Matter
Share the data that matters to your client. Whether that’s methodology, scenario, goals, or impacted assets, Cyber Core enables it. You can easily turn dashboard insights on and off to fully customize the data your clients see when they log into the portal.
Role Based Controls
Role based controls and access management mean you can add blue team members to your red team assessment for purple teaming. That can mean role-based access to client assets, to report data, and anything else you want, so you can separate red and blue team activities.
Would you like to learn more about how Cyver Core can help you manage and report for red team exercises? Schedule a demo and we’ll give you a personalized introduction to the platform.