The team is given a target, a mission, and no information to complete the mission:

• Pros:
  • The testing is done without bias
  • Most realistic as it allows for the organization to:
    
    • Validate known vulnerabilities
    • Test controls and processes of multiple teams:
      • Continuous monitoring
      • SIEM
      • Privileged Access Management
• Cons:
  • Most time and resource intensive
  • Areas of infrastructure may not be tested