Software Integrity Blog

Author Archive

Thomas Richards


Thomas Richards is an associate principal consultant at Synopsys. His primary areas of expertise include Red Teaming and Mobile Security. He is an Offensive Security Certified Professional (OSCP) and a member of The Open Organization of Lockpickers (TOOOL). Thomas spends his days guiding clients through secure mobile application development and secure web services API design. In his free time, he enjoys playing guitar, camping and spending time with his four kids.

Posts by Thomas Richards:


How to build a game-changing red team

Building a red team requires finding the right personnel with the malicious mindset, technical talent, and vision to drive the program to success. An impactful and game-changing red team will increase your organization’s security posture by performing holistic testing and emulating real-world threat actors. Your team will identify areas where vulnerability protection, attack detection, and reaction processes can be improved to prepare for a real attack.

How do I build a red team?

Your team must have a leader who can drive the program and technical staff who will perform the day-to-day activities. As you build a red team, keep in mind some key characteristics that make for a group that works together effectively.

Leadership

Key personnel with leadership and vision can drive a red teaming program to success. Your team leaders should have not only the technical expertise but also the business sense to identify and pursue opportunities in the organization. This will help them communicate strategic goals to their team and outline business risks with senior organization leadership. They’ll also shape and drive the mission of the team and lead the program to success.


Posted in Application Security