Live Adversary Simulation: Red and Blue Team Tactics

Posted on in Presentations

Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”

Learning Objectives:
1: Learn how to perform adversarial threat simulation.
2: Learn how to enable communication between red and blue teams.
3: Understand how to map APT phases to a killchain life cycle.

A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines.
James Lyne


Chief Technology Officer, SANS Institute

Stephen Sims


SANS Faculty Fellow, PenTest and Cyber Defense Essentials Curriculum Lead

Hackers & Threats

threat management penetration testing network security hackers & threats exploit of vulnerability



Share With Your Community