Compass Security Red Teaming Service is a multi-week to multi-month adversarial simulation service designed to test the detection, protection, and response capabilities of an organization's blue team (cyber defense team). Unlike traditional penetration tests that focus on specific infrastructure components, this service simulates a full-scope attack against the entire enterprise — encompassing people, technology, processes, and physical elements. The red team operates with no prior knowledge of the target environment (black-box approach), starting from external reconnaissance and working inward. Techniques employed include: - Open Source Intelligence (OSINT) gathering - Social engineering attacks such as phishing - Custom, tailored malware and software for access and persistence Engagements are structured around missions collaboratively defined with the customer, targeting key business-critical assets. Typical mission objectives include accessing core systems, exfiltrating sensitive data, or modifying public-facing assets. At the conclusion of the assessment, debriefing workshops are conducted jointly between the red team and the customer's blue team. These workshops cover: - Indicators of Compromise (IoC) mapped to the MITRE ATT&CK framework - Identification of detection blind spots - Assessment of blue team capabilities - Recommendations to improve overall security posture and resilience