Live Adversary Simulation: Red and Blue Team Tactics (Overflow)


Posted on in Presentations

Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”

Learning Objectives:
1: Learn how to perform adversarial threat simulation.
2: Learn how to enable communication between red and blue teams.
3: Understand how to map APT phases to a killchain life cycle.

Pre-Requisites:
A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines.

Participants
James Lyne

Director of Research, SANS Institute

Stephen Sims

SANS Faculty Fellow, PenTest and Cyber Defense Essentials Curriculum Lead

Hackers & Threats

threat management penetration testing network security hackers & threats exploit of vulnerability


Topic

Subtopic


Share With Your Community