Live Adversary Simulation: Red and Blue Team Tactics

Posted on in Presentations

Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We’ve all heard the saying ‘Offense Informs Defence’. This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as ‘Purple Teaming’.

Learning Objectives:
1: Learn how to perform adversarial threat simulation.
2: Learn how to enable communication between red and blue teams.
3: Understand how to map APT phases to a killchain life cycle.

Experience in cyber-defence, penetration testing or incident response and forensics.
Stephen Sims


SANS Faculty Fellow, PenTest and Cyber Defense Essentials Curriculum Lead

Analytics Intelligence & Response Security Strategy & Architecture


Share With Your Community