There are many constraints with this team, but I wanted to list just three main ones:
- Time:
- As with any project, the resources can't last forever. There is a definitive start and stop date.
- Red teams have to bear this in mind, whereas adversaries don't have to worry about time as they can take as long as they like.
- Skillset:
- If the team is in-house, you will have a skillset deficit unless your team is constantly training on the newest TTPs.
- If the team is outsourced, you will be paying a premium for those skill sets.
- Rules of engagement:
- Red teams have rules that they have to follow, which does not allow them to exploit:
- Production networks and systems
- Out of band vulnerabilities, such as:
- Family members
- Neighbors
- Personal home networks
- Red teams have rules that they have to follow, which does not allow them to exploit: