The team is given a target, a mission, and no information to complete the mission:
- Pros:
- The testing is done without bias
- Most realistic as it allows for the organization to:
- Validate known vulnerabilities
- Test controls and processes of multiple teams:
- Continuous monitoring
- SIEM
- Privileged Access Management
- Cons:
- Most time and resource intensive
- Areas of infrastructure may not be tested