A red team is, like its name states, a team. This is a great thing since each member brings his or her own experiences into the mix. Each member of the team has a specific area that he or she is responsible for. These are usually based on the knowledge of that particular person and on his/her personality.

Yes, personality plays a huge role here. For example, not everyone is comfortable with physical security breaches, social engineering or writing attack codes on the fly. If a team member is not an expert in coding the initial exploit, they will usually be the one calling the target and causing her to run the exploit. Although we are masters of our specific sectors, we can do work in other areas as well. We all know how to code and also understand the basics of digital and physical security. However, some of us are experts in these areas and we often take the lead when a related operation comes along.

Still, the success of a project or operation is a team effort, always. Their combined knowledge and ridiculous thinking is key.

During one project, we had two guys in the field trying to assess the personal security of a large corporation’s C-level executives while they were abroad. They were working with limited equipment and relied on us, the guys back at HQ, to help them through the project. These were two of the most capable hackers and security experts I know. Although both had years of experience (one of them being a former SOF operator), they knew that they would need help from the team to successfully complete the op.