Capable of simulating external, internal, and phishing attack techniques, phishing simulations must delivery in Mandarin.
Attack simulation tools are strictly limited to open-source or commercial software not developed or manufactured in China.
The service methodology is based on internationally recognized frameworks (MITRE ATT&CK), with all attack activities and remediation recommendations mapped to MITRE TTPs and documented in the “Red Team Report.”
The service scope is customizable to client requirements.
Requirements:
A minimum of 5 years’ experience in Red Team services.
Proven track record of delivering Red Team services to financial industry clients across the Asia-Pacific region (verifiable evidence required).
More than 5 certified simulation attack experts with OSCP certification, including at least 2 experts with OSWE certification.
Simulation attack experts must not be Chinese nationals or located in China. Services are available between 07:00 AM and 19:00 PM (GMT+8), with on-site delivery in Taiwan if necessary.
Experts can conduct video conferences or email communications in Mandarin or provide a translator with cybersecurity expertise.
The service scope is customizable to client requirements.
Must be a CNA (CVE Numbering Authority) partner authorized by the MITRE Corporation for the Common Vulnerabilities and Exposures (CVE®) program
