A review on the effectiveness of red teaming exercises in modern cybersecurity

Razzak, Muhammad Eizzat Abdul and Zolkipli, Mohammad Fadli (2025) A review on the effectiveness of red teaming exercises in modern cybersecurity. World Journal of Advanced Research and Reviews, 26 (3). pp. 2592-2606. ISSN 2581-9615

Red teaming exercises have become an essential tool in modern cybersecurity, providing a proactive approach to assessing and enhancing defensive capabilities against sophisticated threats. This paper presents a comprehensive review of the effectiveness of red teaming by analysing its core methodologies, tools, and emerging adaptations. A detailed examination is provided regarding adversary simulation and emulation techniques, emphasizing the use of frameworks such as MITRE ATT&CK and Breach and Attack Simulation (BAS) platforms. Physical security assessments also play a significant role, with red teaming techniques continuously evolving to address new architectures like cloud computing, serverless environments, and microservices. Evaluating the effectiveness of red teaming exercises requires a robust framework, incorporating key performance indicators (KPIs) and metrics. However, challenges persist in measurement and attribution, necessitating accurate and reliable methods to truly assess the impact of these exercises. Common challenges are discussed, together with operational risks and ethical challenges. Looking towards the future, the influence of artificial intelligence (AI) and automation on red teaming is analysed, along with the rise of purple teaming and the application of red teaming strategies within Zero Trust architectures. These trends highlight the continuous adaptation required to address the dynamic threat landscape. This review aims to provide valuable insights into the evolving methodologies and future directions of red teaming exercises.