Loading…
Back To Schedule
Saturday, March 28 • 10:30am - 11:00am
From 0 to red team — what does the red team do and when/why do I need one?

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.


This talk will discuss what the red team does and the maturity level that an organization should have in order to truly gain value from a red team engagement. This important to discuss because red teams often do not provide as much value as a higher-level assessment (penetration test, vulnerability assessment) due to an organization’s lack of security maturity. Red team engagements are often requested by organization because it is a “buzz word” or “hot term” in security. After attending this talk, the audience will understand the difference between a vulnerability assessment, a penetration test, and a red team engagement. They will understand the maturity level that should be reached before engaging in any of the aforementioned assessment types. 

-    Get to know your attack surface 
o    What assets do you have? 
o    What applications are in your environment? 
o    What vulnerabilities are in your environment 
-    Vulnerability Management 
o    Allows for the discovery of assets 
o    Helps discover areas of improvement 
o    We can see some of weaknesses and what we need to patch 
o    2nd step on the journey to a red team engagement 
-    Penetration testing 
o    Allows an organization to discover weaknesses in their environment 
o    Opportunity to test security controls 
o    Ideally a blackbox test will be performed by a third party in order to get an independent perspective 
o    Usually compliance driven 
o    Security team often knows the test is in progress 
-    Red Team/Advanced Adversary Simulation 
o    Longer engagement 
o    Often times only a handful of high-ranking execs will know about the engagement 
o    Test blue team capabilities 
o    Emulate advanced adversaries such as nation states 
o    Objective driven 
o    Need to have a mature security program in order to truly get value 
-    Summary 
o    Vuln vs Pen vs Red Team 
o Take aways

Zoom link: https://zoom.us/j/266304316

Speakers

Saturday March 28, 2020 10:30am - 11:00am EDT
'Connect' track 3333 Busbee Dr NW, Kennesaw, GA 30144, USA