Laws of the forest
The forest, huge and wild, a digital landscape formed by nature’s own processes and humanoid activities and neglect throughout decades. The forest does have human-made laws and inescapable natural law though.
Conventional pentesting covers the finding of most technical vulnerabilities. The limitations on such processes include time and budget constraints, a limited scope, every effort being made to make the tests as non-disruptive as possible, and having a heavy IT focus. Real adversaries do not follow such ethical codes and are mostly unrestricted in their actions.
That does not mean pentesting is useless. We recommend having done enough pentesting and security awareness training before considering red teaming, unless you think you are already the target of an APT adversary.
We are offering free services to NGO’s and activists. And free does not necessarily mean our services are of low value. On the contrary. Contact us in the Unseen University to discover how we could work together. You do not have to wear a pointy hat or grow a beard. We just use unserious seriousness (or was it serious unseriousness) to maintain our sanity when in paranoia mode.