TEAMARES
Red and Blue Team Security Services

Red and blue team services to prepare for real-world threats. We can help you determine just how exposed your systems, services and data are to malicious actors.

Put TEAMARES to work for you

Offensive red team and defensive blue team services are how you can prepare your business for real-world threats. TEAMARES stands ready to help you understand your environment more deeply, assess how today’s attacks can impact your organization, and better defend your environment from potential threats.

REDTEAM Services

  • Vulnerability Management

    Our team will identify, classify, prioritize, remediate, and mitigate software vulnerabilities.

  • Penetration Testing

    We will conduct a compliance penetration test focused on the segmentation of Cardholder Data Environment (CDE) and other requirements set by PCI DSS compliance rules.

  • Breach Attack as a Service

    TEAMARES Breach Attack as a Service offers quick and flexible security control testing for your environment. Managed testing of scenarios by red team experts in TEAMARES provides a lighter demand on internal resources and a competitive pricing model over managing the solution yourself.

  • Web Application Assessment

    This assessment of clients’ web applications through static and dynamic code analysis includes a thorough review of application code and penetration testing using both automated and manual techniques.

  • Red Team Training

    Red team training provides a hands-on experience for information security concepts utilized in both offense and defense.

BLUETEAM Services

  • Incident Response (IR) and IR Retainers

    Our Incident Response (IR) team helps you limit the dwell time of an attacker through immediate response, and we can proactively work with you to understand your preparedness with IR readiness services. Our IR retainers offer several options of professional service hours, and any unused hours may be applied to other IR and Professional Services engagements.

  • IR Plans and Playbooks

    IR Plans and Playbooks support coordinated response and communications for security incidents.

  • IR Readiness Assessment

    An IR Readiness Assessment will help you understand your organization’s readiness to detect, respond to and recover from an incident.

  • Tabletop Exercises

    Tabletop Exercises are an effective method to ensure an organization’s IR plan will work as advertised.

Red Team Services

The TEAMARES advantage

  • Renowned Expertise

    Gain access to professionals with 20+ years of experience in digital forensics, penetration testing, incident response, vulnerability management and malware reversing.

  • Extension of Your Team

    Strengthen your capabilities through red team testing, incident response and more.

  • Adversarial Thinking

    We have a proven track record of discovering zero-days and developing exploits.

  • Insightful Intelligence

    We keep track of recent attacks and vulnerabilities to help you stay ahead of threats.

Our latest TEAMARES blogs

  • TEAMARES
    January 8, 2021

    How To Reverse Engineer the SolarWinds Hack

    Author: Quentin Rhoads-Herrera, Director of Professional Services

    When it comes to security incidents involving malware, most of us rely on the information provided by the investigating firm to und…
  • TEAMARES
    December 7, 2020

    Death to Vulnerability Management As We Know It

    Vulnerability Management concepts are changing. The idea that vulnerability management is limited to scanning alone is being replaced with a wider and more comprehensive view. It’s now transforming…
  • TEAMARES
    November 17, 2020

    Once More Unto the Breach: An Exploration into Breach Prevention and Response

    Organizations continue to learn the hard way that cybersecurity breaches can happen for many reasons at companies of any size and maturity level. Hackers are relentless in testing the waters to rev…
    • DATA SHEET

      Penetration Testing Services

      We’ll evaluate your security posture and determine how exposed your systems, services and data are to malicious threat actors.

    • Data Sheet

      Breach Attack as a Service Solution Overview

      CRITICALSTART’s TEAMARES conducts continuous offensive security scenario-based testing to ensure defensive technology is properly configured.
    • Data Sheet

      Security Event Response IR Retainers

      Don’t wait for a breach. Prepare now and rest easy knowing TEAMARES has your back.

    • DATA SHEET

      TEAMARES Red and Blue Services

      Our goal is to understand your environment more deeply, to help assess how today’s attacks can impact your organization and better defend your environment from potential threats.

      TEAMARES zero-day report

      TEAMARES follows the pulse of all the latest malware and threats. Here’s the latest our team has discovered.

      CVE Number / Title / Summary

      • CVE-2020-13856 – CVE-2020-15836

        MoFi Router Vulnerability Disclosure

        Multiple critical vulnerabilities have been discovered in the MoFi4500 router, an OpenWRT based wireless router that provides Internet access via LTE.
      • CVE-2020-3980

        VMWare Fusion Local Privilege Escalation

        VMware Fusion contains a local privilege escalation vulnerability that allows an attacker to inject a malicious path into the system-wide PATH environment variable.
      • CVE-2020-2032

        Global Protect Local Privilege Escalation

        A race condition vulnerability in the Palo Alto Networks GlobalProtect app on Windows allowed a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade.
      • CVE-2020-11543

        Hard-Coded Credentials in OpsRamp Gateway

        During a recent penetration test, CRITICALSTART’s TEAMARES researchers discovered that OpsRamp Gateway has an administrative account named vadmin that allows root SSH access to the server. This account was unknown to clients unless requested through a support process. At that time the vendor states they would provide the account to the client and request that they change the password.
      • CVE-2020-11586 – CVE-2020-11599

        CIPAce Enterprise Platform

        CRITICALSTART’s TEAMARES researchers have released a steady cadence of advice regarding the importance of testing your systems regularly for vulnerabilities. The following vulnerabilities uncovered during an external penetration test drive home this necessity.
      • CVE-2020-11542

        Authentication Bypass in Infinias elDC32 Webserver

        With access to a system’s control interface, a malicious actor can unlock controls remotely, allowing them to gain physical entry to restricted areas. However, lessons learned from other breaches can help everyone better understand how to prevent unwanted access.
      • CVE-2020-9323 – CVE-2020-9325

        Tiff Server 4.0 from AquaForest

        The product Tiff Server 4.0 from AquaForest is vulnerable to the following:

        • Unauthenticated File and Directory Enumeration
        • Unauthenticated Arbitrary File Download
        • Unauthenticated SMB Hash Capture via UNC
      • CVE-2019-12876

        ManageEngine Privilege Escalation Windows

        After running into ManageEngine products on a number of penetration tests, we decided to take a closer look at their products and see if there were any vulnerabilities that we could take advantage of.

        TEAMARES leadership

        Quentin Rhoads-Herrera

        Director of Professional Services

        Cory Mathews

        Offensive Security Manager

        Charles Dardaman

        Senior Adversarial Engineer

        Samuel Hunter

        Offensive Security Team Lead

        Be prepared for anything with TEAMARES

        ©2020 CRITICALSTART. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.