Red Teaming

Course summary

Criminal organizations, who take their profession seriously and are motivated to go for their goals with a fully committed mentality, are looking for the Achilles heel of your organization and therefore penetrate deep into the DNA of your organization. They look for opportunities, or create them, to achieve their goals by figuring out how to disrupt security in your organization. In any form whatsoever, whether organizational, architectural, electronic or otherwise. With Red Teaming, we're basically doing the same thing. By thinking like the enemy, we can expose the threats and risky processes and weaknesses in your existing (security) organization.

  Duration of the training

4 days/36-40 hours (preferably 2 x 2 days in 2 weeks)

  Course Language

The course can be given in both Dutch and English.


After attending the course, each participant receives a certificate of participation from the ISEG Training Center

Price per student excluding VAT and including parking, practice materials, use of WiFi, lunch, coffee and tea

On request

  Course dates

On request


Incompany or on location at ISEG:

Landgoed Beukbergen

Amersfoortseweg 59

3712 BB Huis Ter Heide


Think like your opponent and stay away from existing paths and already known risks. That's the power of Red teaming. So "out-of-the-box" thinking, instead of calibrated attack tactics based on risk analyses of past incidents. Thinking from a threat perspective is important before thinking in terms of risks. Producing realistic threat scenarios that are tailored to your organization produces an attack methodology that is real and therefore never exaggerated. The use of Red Teaming is growing because it is especially successful with organizations that think they are secure enough. It doesn't matter whether your organization is public or private. 

The course is taught by two highly experienced trainers who are experts in their field and work on both a strategic and operational level. The practical exercises are coordinated and supervised by a third trainer (White Team) who is also present as an observer at the live exercises at the selected locations. Depending on the level of the participants and knowledge about proactive security, a third trainer will be added.


The format for this specifically tailored training for your organization has been developed by Dick Drent, Director Omnirisk and Managing Partner of ISEG. Dick will therefore give the training himself in cooperation with a co-trainer. After 28 years of working for the Special Services of the police, Dick has been Head of Security Affairs and Corporate Security Manager of the Van Gogh Museum in Amsterdam for 10 years since 2005. Dick provides training and advice in the field of proactive security to a variety of national and international organizations, governments and institutions. He is also responsible for strategic and operational support in major investigations, aimed at assettracing and recovery in major fraud investigations or, for example, art thefts. Dick is supported in the Red Teaming training by colleagues with a similar background, often from the special departments of police or defense and working at ISEG.

The 'Red Teaming' course is given on location at the Beukbergen Estate in compliance with the guidelines set by the RIVM with regard to COVID-19!

Course content

During this course the following, among other things, will be discussed:

    • Classical participation with a theoretical basis and interactive exercises at both strategic and operational level.
    • Coordinated group exercises in live situations (no role play but actual testing of safety measures in a company or organization)
    • Theory of understanding how security is usually set up and learning why the traditional form of risk management, based on incidents, cannot be related to threats
    • Preparing a business case and performing various Red Team operations in break-out groups, examining and reporting on the strengths and weaknesses in the security of designated sites
    • Evaluate and report the results of a Red Team exercise
    • Students will be able to perform a Red Teaming within any organization
    • Students can work as a Blue Team (guardians) or a White Team (referees) when deployed

The following learning objectives will be discussed in more detail:

    • What is Red Teaming
    • What is proactive safety
    • What is information driven security
    • How can we use OSINT and HUMINT in the context of Red Teaming
    • What the criminal or terrorist planning cycle is, and which phases are visible
    • How to think like a criminal or terrorist to understand security vulnerabilities
    • How to build a story and/or cover story that can withstand control
    • Which techniques are used to mask aberrant behavior
    • To think about management aspects related to the deployment of Red Teaming
    • Understanding the use of Red Teaming as a serious tool for strategically or operationally testing the strength or weakness of OCE security measures                       

Objective of the course:

At the end of this course the students will have access to it:

    • Knowledge and insight about working with and applying Red Teaming
    • Insight into the reasons why Red Teaming is used as a "Serious Game" to reveal weaknesses in an organization's security measures
    • Insight in the structure of Red Teaming and the underlying philosophy as a starting point to perform a Red Teaming yourself
    • Are able to apply threat and risk analysis methods in combination with proactive security measures
    • Have a working knowledge of how to perform a Red Team exercise within any organization
    • Have insight and knowledge of working in a security role in a public or private organization by using the knowledge of Red Teaming.
    • Knowledge of the essential aspects of the proactive security method as a basis for the implementation of Red Teaming in an organization or company
    • Information and knowledge about the criminal and terrorist planning cycle and the modus operandi that opponents use
    • Knowledge that enables them to put themselves in the shoes of a criminal or a terrorist
    • Possibilities to make use of thinking from a different mindset
    • Knowledge to think outside existing frameworks and to be creative in finding solutions for "problems".
    • Knowledge to work from a criminal or terrorist point of view in finding threats and resulting risks in security measures in an organization
    • Knowledge about the value of information-driven security and the use of OSINT and HUMINT as resources for their purposes as Red Team
    • Knowledge to operate as a Red Team, but also as a Blue Team (defender of the organization) or a White Team (the referee during a Red Teaming).


For more information about the course you can send a message to or you can contact us by phone on +31 (0)35 2340422. You can also register directly for the course using the button below.

Register directly

Curious about the possibilities?

Contact us