Salus Logo
Penetration Testing

Cyber Adversary Testing

Cyber Adversary testing, using real-world tools and techniques, evaluates security posture against specific threat actors, stretching defences to limit them and providing in-depth insights into control gaps and malicious impact.

This type of testing relies on specific scenarios and objectives for the attacking team

Cyber Adversary testing is the use of real-world tools, techniques, and processes to evaluate your security posture against a specific threat actor or current approaches. This type of testing relies on specific scenarios and objectives for the attacking team, allowing more creative solutions, and stretching your defences to their limit.

The use of this type of testing can provide extreme depth of insight into your security controls, allowing mature teams to identify gaps and provide clear impacts of malicious actions taken against your organisation.

Cyber Adversary Testing Services

Malicious Insider

The only attack surface exposed to external attackers, should be externally facing assets, which are expected to be hardened and well monitored. On the other side, a malicious insider would be expected to have access to the organisation’s internal assets and data, methods of authentication, knowledge of the environment, as well as their actions would be less likely to be picked up as suspicious by internal monitoring. An insider threat has significantly more opportunity and capability to cause damage to an organisation. A malicious insider security engagement would provide the organisation with knowledge of the extent of the actions that a malicious insider could conduct, as well as assess the effectiveness of mitigations in-place.

Red Teaming

Red teaming provides a realistic and wide-ranging assessment of the security posture, surpassing the traditional methods used for penetration tests or vulnerability assessments. It helps organisations identify areas that require improvement by uncovering blind spots, validating existing security controls, and enhancing overall resilience against threats posed by cyber adversaries. The red team's findings and recommendations are used to refine security strategies and enhance incident response capabilities, resulting in a much more fortified defensive line.

Salus use a multi-layered approach to mimic these real-world scenarios. Using objective based testing, we target every part of your company's network and physical infrastructure using the same techniques as a real adversary. During red team engagements, Salus testing teams draw expertise from our subject specialists to provide in-depth testing at every layer of the engagement.


All our consultants have a solid understanding of OSINT techniques to elicit both technical information and personal information to facilitate black team and phishing engagements. We can perform one-off engagements as well as regular engagements to search for changes and additions to the potential risks of publicly available data.

Black Team - Physical Attack Simulation

Exercising an organisation's physical security and personnel security policies and processes is essential for understanding any security vulnerabilities it faces. Black teaming is an approach to security testing that identifies gaps in these safety measures. It also strives to bridge the gaps and ensure these safeguards work effectively.

A black teaming exercise involves assessing security vulnerabilities from a hacker's perspective. It empowers organisations to imbibe their weaknesses and strengthen their safety mechanisms. Like other security testing exercises such as red teaming, it helps organisations fix their vulnerabilities before attackers exploit them. However, covert monitoring of any form needs careful planning and a detailed scope, which does not put the business or the testing organisation in conflict with the Guide to Employment Practices code issued by the Information Commissioners Office (ICO).

The ICO guide for employers makes the position clear. It is critical that planning does not create a scenario where a security exercise gets confused for "The covert monitoring of workers", which can rarely be justified. Black Team Exercises, therefore, need to be authorised by the highest level in your business. Salus can work with you to create a legally safe and appropriate approach to this type of exercise.

Ransomware Simulation Testing

Ransomware is still one of the biggest threats an organisation faces, both from external and supply chain attacks.

Salus consultants will not simply run malware on your system and tell you that "you're vulnerable." These are cutting-edge custom payloads and attack vectors written as threat actors without the malicious element.

Some of our ransomware tests can emulate specific ATP TTP’s. As part of designing your exercise, we ask you to choose your features. Plug-and-play modular design allows custom attacks based on your threat intelligence, key risks, or gut feelings.

Purple Teaming

A red team is ordinarily a group of offensive security professionals who use real-life adversarial techniques to help organisations identify and address vulnerabilities across infrastructure, systems and applications, and weaknesses in processes and human behaviour. In contrast, a blue team is a group of analysts and engineers responsible for defending organisations from cyber-attacks through threat prevention, deception, detection and response.

The stark reality for many organisations is that red and blue teams are often entirely separate and disconnected entities. The Purple team concept addresses this disconnect and is a natural evolution for organisations looking to leverage more advanced security testing. Organisations can benefit from much more tailored, real-world assurance by creating a scenario where the two teams work together (Purple Team). The outcome is that the blue team can effectively identify their detection and response capabilities to be much more closely aligned with real-world threats. Some organisations perform purple teaming as one-off focused engagements. Security goals, timelines, and key deliverables are clearly defined, with a formal process for evaluating lessons learned over an operation. This includes recognising offensive and defensive shortcomings and outlining future training and technical requirements.

  • Enhance security knowledge.
  • Observing and participating in attacks gives the blue team a better understanding of how attackers operate, enabling them to employ technologies to thwart actual attackers more effectively.
  • Boost performance without increasing the budget.
  • Combining defence and offence through purple team exercises allows organisations to improve security monitoring functions faster and at less cost.

An alternative approach within the security industry is to view purple teaming as a conceptual framework. This usually results in a collaborative culture that promotes continuous cyber security improvement. Purple teaming gives your internal security team a critical understanding of gaps in their security posture and helps identify capability enhancement areas.

Phishing / Whaling

Phishing incidents are among the most common methods for attackers to gain an initial foothold on your systems, with research indicating that approximately 9 out of 10 cyber-attacks are the result of an initial phishing attempt. For this reason, Salus consultants have developed an efficient service offering to provide bespoke phishing or whaling engagements to clients to ascertain their employees’ cyber security awareness and responsiveness.

Binary Image

Our Approach

Whatever you're protecting, we apply defence grade cyber security skills whilst taking into consideration the realities of day-to-day business operations. We help our customers to address their known - and their unknown - cyber risks.

Here to Help
Tell Us Your Priorities!

Related Services