Originally Posted by
daw617
But Red Teams aren't supposed to do a damn thing for you, are they? They're supposed to test whether the system as a whole is working, and to proactively identify potential vulnerabilities in the system before those vulnerabilities are exploited by bad guys. They're not intended to directly help trainers; that's not their primary mission.
Originally Posted by
Bart
Theoretically, they're supposed to reveal weaknesses we're supposed to improve through training.
Originally Posted by
Tom M.
If the Red Teams get W.E.I.'s through security, they are revealing a weakness.
But where, exactly, is the responsibility for that weakness? Sometimes, the weakness is with an individual screener; at that point, the correction (either redemptive or punitive) should be applied to that individual screener. Sometimes, the weakness is with the system, not the players; for example, the Red Team gets a weapon through using known gaps in the system. At that point, disciplining the individual screener is most likely ineffective; you'd be holding a screener responsible for a failure they weren't trained to prevent.
I don't know anything about Red Teams, so I don't know what they're trying to do. But if the purpose of the Red Team is to try to circumvent security procedures ... well, we know that can be done very easily. Heck,
a reporter and a self-taught security expert proved it last November.