Which kind of red teamer are you, Achilles or Odysseus?

The good guys at the Red Team Journal posted the following question on their twitter timeline:

Question (with a nod to Everett Wheeler): Which kind of red teamer are you, Achilles (direct force) or Odysseus (trickery, stratagem)?

I think this is an incredibly complex question to answer for many reasons, but mainly for the fact that red teams need to adapt to what's going on in the field. So, in my opinion, sometimes you have to act like Achilles, some others like Odysseus and more often than not like both.

Trickery is at the heart of red teaming, however sometimes direct action (or direct force) is needed in order to make a point or to force the blue team to react. Direct action can also teach a lot to the organization you are testing: it shows them their immediate weak points, it shows them whether their quick reaction team is actually a team and can work together to solve the problem at hand. However, trickery is a core element of a red team operation. You want to remain undetected, you want to give the blue team false clues. In doing so you can be successful and also teach a valuable lesson to the people you are helping.
Yet, sometimes trickery is the prelude to direct force. Both approaches can work together if done properly.

One more thing: a key element here is also the team members. Some members are more comfortable with being in the dark and not really engaging in direct action, while others are more suited for a direct approach such as a social engineering one or a physical penetration. During the planning phase of the exercise, it'd be good to see whether this can be leveraged to have multiple plans of action and chose right one once the operation in underway.

Great question. No doubt about it.