In this two hour hands-on workshop attendees will play the role of both the red and blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise. Attendees will be able to create adversary emulation campaigns and run them in a small environment consisting of a domain controller, member server, and a Linux system. Then they will play the role of the defenders.
This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place.
Attendees will need a web browser on a workstation/laptop (no iPads, sorry)
Read the framework: https://github.com/scythe-io/purple-team-exercise-framework/blob/master/PurpleTeamExerciseFramework.pdf
Watch the non-hands-on workshop: https://vimeo.com/446501220
This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.
Analytics, Intelligence & Response Hackers & Threats
hackers & threats intrusion prevention/detection penetration testing practitioner perspectives endpoint detection visibility & response
Share With Your Community