Red Team

Run adversary simulations against your tenant and review what your detectors caught.

Security detection

Red Team is an adversary-simulation launcher with a run history. It offers three modes (Tenant Simulation, Tenant Mirror, and Generic Target), each with built-in scenarios or a custom-prompt option, plus optional OSINT sources: federal sources such as NVD, CISA, and DISA, and third-party sources such as OTX, crt.sh, and Shodan. A comprehensive run exercises detectors such as impossible travel, identity drift, credential stuffing, off-hours admin chains, SoD mass grants, OAuth scope escalation, and dormant-account elevation, and reports a verdict for the run.

How to use it

  1. Open Red Team from the sidebar and click New Simulation (requires the admin or red-team-operator role).

  2. Choose a mode: Tenant Simulation, Tenant Mirror, or Generic Target.

  3. Pick a comprehensive run or a built-in scenario, or write a custom prompt describing the attack intent.

  4. Optionally enable OSINT sources; on FedRAMP tenants, each third-party source must be acknowledged before it can be enabled.

  5. Launch the run, then open its detail page to watch status and review the verdict and per-detector results.

Tips

  • A comprehensive simulation exercises all detector types in one run and typically completes in about one to two minutes.
  • The run table auto-refreshes while any simulation is active.
