International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 07 Issue: 04 | Apr 2020 www.irjet.net p-ISSN: 2395-0072
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 4279
Red Team Analysis of Information Security Measures and Response
Khushboo Amin¹, Dr. Priyanka Sharma²
¹Student, School of Information Technology & Cyber Security, Raksha Shakti University, Gujarat, India
²Dean, Research & Development, Raksha Shakti University, Gujarat, India
---------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - This research attempts to develop an understanding
of Red Team assessment strategies in computer and data
security. The Red Team is a 'cultured form' of assessment that
identifies weaknesses in information and security systems.
This research aims to identify and define the dimensions of the
Red Team's effectiveness from the customer, management,
individual, and team member perspectives in order to
strengthen the knowledge system's security and performance.
The Red Team generally addresses the security risks present
within knowledge systems through Vulnerability Assessment
and Penetration Testing (VAPT). VAPT, which consists of two
separate terms, i.e. Vulnerability Assessment (VA) and
Penetration Testing (PT), is an offensive technique in which the
cyber assets of an organization are exploited in a controlled
environment to simulate a real-time attack on the information
system. Vulnerability assessment includes the use of various
automated tools and manual testing techniques to determine
the security posture of the target system. During this step, all
the breach points and loopholes are found. These breach
points/loopholes, if found by an attacker, may result in heavy
data loss and fraudulent intrusion activities. During
Penetration Testing, the pen-tester simulates the activities
carried out by a malicious actor trying to use the vulnerabilities
present in the targeted system. This process of VAPT helps in
assessing the effectiveness of the security measures that are
present on the target system.
While authoring this paper, I've described the entire process of
VAPT, the methodologies, models and global standards used to
assess information security infrastructure.
Key Words: Ethical hacking, Information Security,
Penetration Testing, Red Team, Security Testing,
Vulnerability Assessment.
1. INTRODUCTION
This research paper is a part of my project for partial
fulfilment to achieve the Master of Technology degree. The
topics and concepts mentioned in this paper are discussed
thoroughly within the project report along with the
vulnerabilities uncovered and their recommendations.
As we all know today, the cybersecurity threat landscape
is a dynamic one and is continually changing. The cyber
attacker of today uses a combination of both traditional and
advanced hacking techniques. On top of this, new variants of
the existing malicious threat actors are seen daily. Red
Teaming is a full-scope, multi-layered attack simulation
designed to measure how well a company's people, networks,
applications and physical security controls can withstand an
attack from a real-life adversary.
2. DIFFERENT TYPES OF TEAMS
2.1 Red Team
A Red Team works, either as a dedicated part of the internal
infrastructure or as an external entity, to test the
effectiveness of a security mechanism by mirroring the tools
and techniques of attackers as closely as possible to a
real-world attack on the infrastructure.
2.2 Blue Team
The Blue Team is the internal security team that acts as the
defender against both real-world internal/external attackers
and Red Team attacks. A Blue Team differs from a traditional
security team in most organizations, as most personnel in a
'security-operations' team don't have a mentality of constant
vigilance against attack. That vigilance is the true and only
mission and perspective of a true Blue Team, and it is what
makes it stand out from traditional security operations and
monitoring teams.
2.3 Purple Team
The Purple Team exists to confirm and maximize the
effectiveness of the Red and Blue Teams. It integrates the
defensive tactics and controls of the Blue Team and the attack
skills of the Red Team into one single team, maximizing the
security throughput. Ideally, the Purple Team should not be a
team at all, but rather a permanent dynamic between Red and
Blue.