CORIE Red Team Attack Simulation
What is CORIE?
CORIE is a framework for simulating realistic and coordinated cyber attacks on organisations, based on real-life threats.
CORIE (Cyber Operational Resilience Intelligence-led Exercises) is a program of exercises aimed at mimicking the Tactics, Techniques and Procedures (TTPs) of real-life adversaries. CORIE helps organisations stay resilient and provides a comprehensive and holistic view of the organisation’s ability to identify and respond to real-world threats.
CORIE follows existing frameworks including CBEST (UK) TIBER (EU) and iCAST (HK) and sets the benchmark for best practices in Threat Intelligence-Led Red Teaming.
Whilst CORIE is issued by the Australian Council of Financial Regulators (CFR) and will likely become an enforced regulation for financial institutions (FIs), it is quickly being adapted by other industries as the gold standard for attack simulation.
Why Choose a CORIE Red Team?
Forward-looking or mature organisations have a need for more comprehensive and realistic attack simulations that put their resilience and blue teaming capabilities to the test.
Australia’s FIs will have to undergo CORIE once it becomes a regulation.
Australian organisations are under constant attack by sophisticated, resourceful and motivated adversaries looking to cause financial harm by disrupting critical business processes, or by causing reputational damage. To avoid or prevent these worst-case scenarios, organisational resilience should be proactive and not reactive.
CORIE Red Teams simulate these adversaries in an exercise that is an objective-based simulation, targeting organisational ‘crown jewels’ or critical business services. CORIE Red Team tests the security posture of the people, processes and technology and their ability to identify, mitigate and respond to a realistic and targeted attack.
CORIE or CORIE-aligned
CORIE was created for FIs, but is the Australian gold standard for attack simulation across all industries.
- Privasec can deliver “CORIE” Red Teams to FIs within the CFR CORIE program.
- Privasec can deliver “CORIE-aligned” Red Teams to all other organisations wishing to prepare for future obligations, or simply to test and fortify their resilience.
- All CORIE Red Teaming activities are performed by Privasec’s local Australian team.
CORIE and CORIE-lign Red Team engagements both follow the same methodology and requirements.
Which red team is right for you?
CORIE Red Team
CORIE-aligned Red Team
Traditional (attack-only) Red Teaming exercises
Red Team Breakdown
How does it work?
We understand critical business services, scenarios and regulatory requirements.
Threat Intelligence is gathered and assessed to identify realistic real-world adversaries to emulate their modus operandi.
Privasec simulates the threats and performs a coordinated attack simulation to assess the people, process and technology resilience controls.
Click on the icon to read about our Attack Execution methodology
Reporting & Remediation Plan
Privasec prepares a report including remediation planning and the creation of a step-by-step attack diagram and timeline.
Already know what you are after?
Get a quick quote from our consultants.