Summary

In this first chapter, we explored the foundations of how to build a successful pen test program within your organization. This includes ways to influence leadership to support an offensive security program and defining a clear mission to bootstrap efforts. We discussed the services a red team can provide to the organization and what it takes to establish an offensive security program within your organization.

To safely and securely operate, we highlighted the creation of rules of engagement and SOPs.

Furthermore, we learned about the basics of what adversaries your organizations might be facing and how systems get breached, and some tips to convey that information to other stakeholders.

In the next chapter, we will explore how to manage and grow a red team, and how to further develop the overall program to improve its maturity.