Aevora

Menu
REQUEST QUOTE

Red Team

Scoping - First Phase

The first phase of scoping focuses on gathering enough detail to propose a timeline and quote. It also captures general information about your environment and engagement to support further communication. The second phase covers more specific technical details, such as target lists, test credentials, and other environment-specific requirements. Once both phases are complete, we review all information, provide a summary of work, and proceed to kick-off the engagement.

When would you like this test to be completed?
Does this engagement have a report deadline?
Are there any compliance requirements?
Most red team assessments run 4 to 8 weeks, but lightweight or highly targeted engagements can be shorter, while full-scale, multi-vector tests can span 2–3 months or longer. These engagements typically take longer due to larger scope, additional planning, and advanced tactics to go undetected.
What is the assumed threat actor profile (or threat emulation level)?
What is the target scope (logical or physical)?
Will any initial access be granted?
Will phishing or social engineering be part of the assessment?
Will physical access be tested?
Are wireless networks in-scope (e.g., Wi-Fi attacks, rogue APs)?
What are acceptable times for testing?
Will the blue team (defenders) be informed?
Please feel free to provide any other details that you would like to share.