Live Adversary Simulation: Red and Blue Team Tactics (Overflow)


Posted on in Presentations

Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”

Learning Objectives:
1: Learn how to perform adversarial threat simulation.
2: Learn how to enable communication between red and blue teams.
3: Understand how to map APT phases to a killchain life cycle.

Pre-Requisites:
A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines.
Participants
James Lyne

Participant

Chief Technology Officer, SANS Institute

Stephen Sims

Participant

Offensive Operations Curriculum Lead and Fellow, SANS Institute


Share With Your Community