Red and blue team services to prepare for real-world threats. We can help you determine just how exposed your systems, services and data are to malicious actors.
Offensive red team and defensive blue team services are how you can prepare your business for real-world threats. TEAMARES stands ready to help you understand your environment more deeply, assess how today’s attacks can impact your organization and how to better defend your environment from potential threats.
Vulnerability Management
Our team will identify, classify, prioritize, remediate, and mitigate software vulnerabilities.
Penetration Testing
We will conduct a compliance penetration test focused on the segmentation of Cardholder Data Environment (CDE) and other requirements set by PCI DSS compliance rules.
Breach Attack as a Service
TEAMARES Breach Attack as a Service offers quick and flexible security control testing for your environment. Managed testing of scenarios by red team experts in TEAMARES provides a lighter demand on internal resources and a competitive pricing model over managing the solution yourself.
Web Application Assessment
This assessment of clients’ web applications through static and dynamic code analysis includes a thorough review of application codes, and penetration testing using both automated and manual techniques.
Red Team Training
Red team training provides a hands-on experience for information security concepts utilized in both offense and defense.
Incident Response (IR) and IR Retainers
Our Incident Response (IR) team helps you limit the dwell time of an attacker through immediate response and we can proactively work with you to understand your preparedness with IR readiness services. Our IR retainers offer several options of professional service hours, and any unused hours may be applied to other IR and Professional Services engagements.
IR Plans and Playbooks
IR Plans and Playbooks support coordinated response and communications for security incidents.
IIR Readiness Assessment
An IR Readiness Assessment will help you understand your organization’s readiness to detect, respond and recover from an incident.
Tabletop Exercises
Tabletop Exercises are an effective method to ensure an organization’s IR plan will work as advertised.
Renowned Expertise
Gain access to professionals with over 20+ years of experience in digital forensics, penetration testing, incident response, vulnerability management and malware reversing.
Extension of Your Team
Strengthen your capabilities through red team testing, incident response and more.
Adversarial Thinking
We have a proven track record of discovering zero-days and developing exploits.
Insightful Intelligence
We keep track of recent attacks and vulnerabilities to help you stay ahead of threats.
We’ll evaluate your security posture and determine how exposed your systems, services and data are to malicious threat actors.
Don’t wait for a breach. Prepare now and rest easy knowing TEAMARES has your back.
TEAMARES follows the pulse of all the latest malware and threats. Here’s the latest our team has discovered.
CVE Number | Title | Summary | |
---|---|---|---|
CVE-2020-13856 – CVE-2020-15836 | MoFi Router Vulnerability Disclosure | Multiple critical vulnerabilities have been discovered in the MoFi4500 router, an OpenWRT based wireless router that provides Internet access via LTE. | Learn More |
CVE-2020-3980 | VMWare Fusion Local Privilege Escalation | VMware Fusion contains a local privilege escalation vulnerability that allows an attacker to inject a malicious path into the system-wide PATH environment variable. | Learn More |
CVE-2020-2032 | Global Protect Local Privilege Escalation | A race condition vulnerability in the Palo Alto Networks GlobalProtect app on Windows allowed a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. | Learn More |
CVE-2020-11543 | Hard-Coded Credentials in OpsRamp Gateway | During a recent penetration test, CRITICALSTART‘s TEAMARES researchers discovered that OpsRamp Gateway has an administrative account named vadmin that allows root SSH access to the server. This account was unknown to clients unless requested through a support process. At that time the vendor states they would provide the account to the client and request that they change the password. | Learn More |
CVE-2020-11586 – CVE-2020-11599 | CIPAce Enterprise Platform | CRITICALSTART‘s TEAMARES researchers have released a steady cadence of advice regarding the importance of testing your systems regularly for vulnerabilities. The following vulnerabilities uncovered during an external penetration test drives home this necessity. | Learn More |
CVE-2020-11542 | Authentication Bypass in Infinias elDC32 Webserver | With access to a system’s control interface, a malicious actor can unlock controls remotely, allowing them to gain physical entry to restricted areas. However, lessons learned from other breaches can help everyone better understand how to prevent unwanted access. | Learn More |
CVE-2020-9323 – CVE-2020-9325 | Tiff Server 4.0 from AquaForest | The product Tiff Server 4.0 from AquaForest is vulnerable to the following:
| Learn More |
CVE-2019-12876 | ManageEngine Privilege Escalation Windows | After running into ManageEngine products on a number of penetration tests, we decided to take a closer look at their products and see if there were any vulnerabilities that we could take advantage of. | Learn More |
The product Tiff Server 4.0 from AquaForest is vulnerable to the following: