[conspire] "red team" auth docs. (was: Re: Fraudulent e-mail addresses (was: ...Straffic data breach))
Michael Paoli
Michael.Paoli at cal.berkeley.edu
Sun Mar 8 20:01:30 PDT 2020
> From: "Rick Moen" <rick at linuxmafia.com>
> Subject: Re: [conspire] Fraudulent e-mail addresses (was:
> ...Straffic data breach)
> Date: Fri, 28 Feb 2020 11:01:53 -0800
> Quoting Nick Moffitt (nick at zork.net):
>
>> These are folks you hire to test your defences, both purely digital
>> ("Can we tighten our Internet-facing security?") and physical ("Can we
>> tighten our street-facing security?"). The first step is a
>> painstakingly negotiated contract detailing the work to be attempted,
>> acceptable targets, acceptable method categories, conditions for
>> success, etc.
>>
>> Then you get a sealed letter for the people actually performing the
>> testing to carry. It has the names, contact details, and signatures
>> of the authorities that approved the tests (Usually a CIO, CEO, and
>> board member team or something).
>
> I'm guessing that by 'sealed letter', you mean 'letter bearing a
> persuasive seal' (of the sort that used to be stamped into hot wax), not

So ... wouldn't the "red team" carry *two* such (sets of) sealed letters?
Secondarily to be used, the real deal, but to be first presented, a similar
look-alike set, but on that set, all the (at least electronic) contact
details would go straight to folk(s) on the "red team" ... that might
not be as easy/feasible with email (maybe leave those off?) or folks
doing the checking, for speed, may go straight to the phone numbers
anyway (with letters probably saying any questions, contact
one of these persons at one of these numbers immediately).
Anyway, might be one more test in the series of tests.
Might even get the authorizing persons to assist with doing a real
seal on the fudged document set too.