A red team is the highest level of technical/practical security audit performed for the purpose of increasing the information security posture of an organisation.
Only organisations with a mature security posture can benefit from such an engagement.

A red team engagement differs from a penetration test in terms of timeframes and tactics. Red team engagements can last several months, or even years, and involve the use of real world attack strategies to push back against an organization’s Blue Team (defensive team) with the sole purpose of strengthening the Blue Team’s processes and technologies.

Red team engagements involve the use of a variety of strategies and tactics ranging from technical exploits and human manipulation to physical breaches and deception, depending on the scope of the engagement.