A book review - the first bad review
Most of you know that we usually don't review bad stuff or gear, unless it's really bad. This is the case of "Next Generation Red Teaming" by Henry Dalziel.
If you want a serious review, jump all the way to the end.
This is a $40 book. 35 pages long.
Yes, the next generation red teaming is as thin as a challenge coin.
Still, when I got it, I was excited. I opened it and went straight into the table of contents, which wasn't much of anything.
Going into the introduction, the author walks us through all the things he wants to talk about. He wants to explain what a Red Team is, he wants to talk about how it's different from the traditional pentesting approach, how he wants to map the adversaries. He makes it a point to note that he wants to really talk about software-based analysis and software-based testing. He really makes it clear this is one of the key elements in this book. He also mentions that the last part of the book would talk about how to effectively build a Red Team.
I was now really excited.
This part of the intro really caught my attention:
Great! Now we are talking! Just the intro and I am already loving this book.
The book goes into describing what Red Teaming is, providing various examples of what red teaming is... Well, not really. After reading the page-and-a-half explanation of what Red Teaming is, all I can think is pentesting.
Chapter 2 (1.5 pages) talks about the typical engagements, which again are very similar to a pentest... However, in Chapter 3 (1.5 pages) he sets the record straight. He talks about the next gen red teaming. Yes! Finally! He talks about the electronic, social and physical aspects of the next gen red teaming... Wait a minute... This next gen sounds kind of familiar... I mean, wow! Really next gen stuff here!
I love this part, it's mind blowing!
This is truly cutting-edge, next gen red teaming! Wow. I am speechless. How come none of us thought about this before!
Oh wait... Didn't we use this already 20 years ago? I must be confused...
Anyway, the book continues with cases and examples of "composite attacks", describing how to modify a Pelican case to put a team member inside and, pretending to be a FedEx guy, walk into a building. Now, this is truly interesting. Really. I am smiling as I read this.
At this point I'm still looking for the 2 things I really wanted to read about: software-based analysis and software-based testing, and how to effectively build a Red Team.
Well, by chapter 5 he is trying to teach us how to model an adversary... But his tables are so small and the text is so illegible that, as much as my 20/20 vision allowed, I had to pass on this. No way to know how to model an adversary. However, I got to chapter 6 where he writes: bringing software in...
Yes! Here it is! Half a page long....
Well, the secret here is that "software runs the world so we need to be mindful of this and that we need software to properly test software". Eureka!
Ok, moving on...
I'm still looking for how to effectively build a red team and red team program.
At this point you should realize, putting all the jokes aside, that this book doesn't deliver. It's very disappointing. I'm very inclined to contact Syngress and ask them if this is a sample chapter, or just an intro... I mean, where is the content?
Anyway, judge for yourself. Here's a link to the book.
Here's a presentation by the contributing editor that actually is the book + information you can use.
Now a somewhat serious review.
The reason for this bad review is not because we wanted to make fun of this book. No. The book provides some value for complete newbies, in that it talks about red teaming.
We decided to write this review after reading how the book was presented. Supposedly for professionals in the industry, or for CISOs that need to know everything there is about Red Teaming.
Here, from Amazon:
Red Teaming can be described as a type of wargaming. In private business, penetration testers audit and test organization security, often in a secretive setting. The entire point of the Red Team is to see how weak or otherwise the organization’s security posture is. This course is particularly suited to CISO’s and CTO’s that need to learn how to build a successful Red Team, as well as budding cyber security professionals who would like to learn more about the world of information security.
- Teaches readers how to identify systemic security issues based on the analysis of vulnerability and configuration data
- Demonstrates the key differences between Red Teaming and Penetration Testing
- Shows how to build a Red Team and how to identify different operational threat environments.
And then from net security:
The book is aimed at cyber security pros: it does not contain explanations about attack techniques - the author assumes you know about them already.
After reading it, the book really says nothing. Teaches very few things, and things that are not so next gen. And in 35 pages, doesn't even make a compelling argument about the differences between pentesting and Red Teaming.
With a $40 tag, it's a waste of time.
The author talks about all kinds of things in the introduction, but really goes into none of them. I'm surprised that Syngress allowed this book to be published.