A Red Team Assessment is a combination of Web Application, Infrastructure, Social Engineering and Digital Footprinting. The scope tends to be quite open for a Red Team Assessment and the client is fully aware that any method (within legal and reasonable allowance) can be used to attempt to compromise the client’s computer systems. Of course, limitations can be placed on this to attempt to focus areas of testing to areas of highlighted risk. However, doing so may be counter intuitive of this particular category which is to simulate a real attack scenario in which attackers would not have such limitations.
This type of test is ideal for companies who are unsure where their weaknesses are but feel that their security is overall extremely healthy.