• darkblurbg
  • darkblurbg

Red Teaming course

Criminal organizations that take their profession seriously and are motivated to go for their goals with a fully committed mentality are looking for the Achilles heel of your organization and therefore penetrate deep into the DNA of your organization. They look for opportunities, or create them, to achieve their goals by figuring out how to disrupt safety in your organisation. In any form whatsoever, whether it is organizational electronic or otherwise. With Red Teaming, we actually do the same thing. By thinking like the enemy, we can expose the threats and risky processes and weaknesses in your existing (security) organization.


Think like your opponent and stay away from existing paths and already known risks. That's the power of Red teaming. So "out-of-the-box" thinking, instead of calibrated attack tactics based on risk analyses of past incidents. Thinking from a threat perspective is important before thinking in terms of risks. Producing realistic threat scenarios that are tailored to your organization produces an attack methodology that is realistic and therefore never exaggerated. The use of Red Teaming is growing because it is especially successful with organizations that think they are well enough secured. It doesn't matter whether your organization is public or private.

The course is taught by two highly experienced trainers who are experts in their field and work on both a strategic and operational level. The practical exercises are coordinated and supervised by a third trainer (White Team) who is also present as an observer at the live exercises at the selected locations. Depending on the level of the participants and knowledge about proactive security, a third trainer will be added.

Course content

During this course the following, among other things, will be discussed:

  • Classical participation with theoretical basis and interactive exercises at both strategic and operational level
  • Coordinated group exercises in live situations (no role play but actual testing of safety measures in a company or organisation)
  • Theory about understanding how security is usually designed and learning why the traditional form of risk management, based on incidents, cannot be related to threats.
  • Preparing a business case and performing various Red Team operations in break-out groups, examining and reporting on the strengths and weaknesses in the security of the designated sites.
  • Evaluating and reporting and the results of a Red Team exercise
  • Students will be able to perform a Red Teaming within any organization.
  • Students can work as a Blue Team (protectors) or a White Team (referees) when they are deployed.

The following learning objectives will be discussed in more detail:

  • What is Red Teaming
  • What is proactive safety
  • What is information-driven security
  • How can we use OSINT and HUMINT in the context of Red Teaming?
  • What the criminal or terrorist planning cycle is, and which phases are visible
  • How to think like a criminal or a terrorist to understand security vulnerabilities
  • How to build a story and/or cover story that can withstand control
  • Which techniques are used to mask anomalous behaviour
  • To think about management aspects related to the deployment of Red Teaming
  • Understanding the use of Red Teaming as a serious tool for strategically or operationally testing the strength or weakness of OCE security measures

Objective of the course:

At the end of this course the students will have:

  • Knowledge and insight about working with and applying Red Teaming
  • Insight into the reasons why Red Teaming is used as a "Serious Game" to make the weaknesses in an organization's security measures visible.
  • Insight into the structure of Red Teaming and the underlying philosophy as a starting point to carry out a Red Teaming yourself.
  • Are able to apply threat and risk assessment methods in combination with proactive security measures
  • Have a working knowledge of how to conduct a Red Team exercise within any organization
  • Have insight and knowledge of working in a safety role in a public or private organization by using the knowledge of Red Teaming.
  • Knowledge of the essential aspects of the proactive security method as a basis for the implementation of Red Teaming in an organization or company
  • Information and knowledge about the criminal and terrorist planning cycle and the modus operandi used by opponents
  • Knowledge that allows them to put themselves in the shoes of a criminal or a terrorist
  • Possibilities to make use of thinking from a different mindset
  • Knowledge to think outside existing frameworks and be creative in finding solutions to "problems
  • Knowledge to work from a criminal or terrorist point of view in finding threats and resulting risks in security measures in an organisation
  • Knowledge about the value of information-driven safety and the use of OSINT and HUMINT as sources for their purposes as Red Team
  • Knowledge to operate as a Red Team, but also as a Blue Team (defender of the organization) or a White Team (the referee during a Red Teaming).


On the basis of the performance observed by the teachers, the participants can opt for personal advice. This is up to the participant.

Course duration

4 days/ 36-40 hours (preferably 2 x 2 days in 2 weeks)


After attending the course each participant will receive a certificate of participation.

Price excluding VAT and including coffee, tea and lunch

€ 2500,-


Beukbergen Estate

Amersfoortseweg 59

3712 BB Huis Ter Heide

Course dates

Follow as soon as possible

Would you like to register for this course or are you interested in an InCompany course? Then send us a message.