CORIE Red Team Attack Simulation

What is CORIE?

CORIE is a framework for simulating realistic and coordinated cyber attacks on organisations, based on real-life threats.

CORIE (Cyber Operational Resilience Intelligence-led Exercises) is a program of exercises aimed at mimicking the Tactics, Techniques and Procedures (TTPs) of real-life adversaries. CORIE helps organisations stay resilient and provides a comprehensive and holistic view of the organisation’s ability to identify and respond to real-world threats.

CORIE follows existing frameworks including CBEST (UK) TIBER (EU) and iCAST (HK) and sets the benchmark for best practices in Threat Intelligence-Led Red Teaming. 

Whilst CORIE is issued by the Australian Council of Financial Regulators (CFR) and will likely become an enforced regulation for financial institutions (FIs), it is quickly being adapted by other industries as the gold standard for attack simulation.

Threat Intelligence-led. 

Intelligence-led means leveraging industry-specific attacks, online chatter and other sources of intelligence to identify the most likely threats to your organisation and tailoring your Red Team to simulate these exact threats.

Why Choose a CORIE Red Team?

Forward-looking or mature organisations have a need for more comprehensive and realistic attack simulations that put their resilience and blue teaming capabilities to the test.

Australian organisations are under constant attack by sophisticated, resourceful and motivated adversaries looking to cause financial harm by disrupting critical business processes, or by causing reputational damage. To avoid or prevent these worst-case scenarios, organisational resilience should be proactive and not reactive. Australia’s FIs will have to undergo CORIE once it becomes a regulation.

CORIE Red Teams simulate these adversaries in an exercise that is an objective-based simulation, targeting organisational ‘crown jewels’ or critical business services. CORIE Red Team tests the security posture of the people, processes and technology and their ability to identify, mitigate and respond to a realistic and targeted attack.

CORIE or CORIE-aligned

CORIE was created for FIs, but is the Australian gold standard for attack simulation across all industries.

  • Sekuro can deliver “CORIE” Red Teams to FIs within the CFR CORIE program.
  • Sekuro can deliver “CORIE-aligned” Red Teams to all other organisations wishing to prepare for future obligations, or simply to test and fortify their resilience.
  • All CORIE Red Teaming activities are performed by Sekuro’s local Australian team.

CORIE and CORIE-aligned Red Team engagements both follow the same methodology and requirements.

Which red team is right for you?

CORIE Red Team
Regulated FI’s who have been contacted by the CFR must perform a CORIE Red Team.
CORIE-aligned Red Team
Forward-looking or mature organisations looking to prepare for upcoming CORIE regulations or looking to have a comprehensive testing exercise performed (to an expected gold standard) can perform CORIE aligned testing.
Traditional (attack-only) Red Teaming exercises
For medium sized organisations looking to simulate a very specific attack without requiring Threat Intelligence, Sekuro proposes traditional (attack-only) Red Teaming exercises.

Red Team Breakdown

CORIE infographic | Privasec

How does it work?


We understand critical business services, scenarios and regulatory requirements.

Threat Intelligence

Threat Intelligence is gathered and assessed to identify realistic real-world adversaries to emulate their modus operandi.

Attack Execution

Sekuro simulates the threats and performs a coordinated attack simulation to assess the people, process and technology resilience controls.

Reporting & Remediation Plan

Sekuro prepares a report including remediation planning and the creation of a step-by-step attack diagram and timeline.

Already know what you are after?

Get a quick quote from our consultants.

Scroll to Top