Breaking Red - Designing IOCs Using Red Team Tools

  • Monday, 18 Sep 2017 1:00PM EDT (18 Sep 2017 17:00 UTC)
  • Speaker: Joe Vest

The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct "Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different from other security tests? Isn't current penetration and vulnerability security testing enough?

Red Teaming shares many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture.

Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement of an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.

This presentation continues to introduce Red Teaming concepts in the "Breaking Red" series and introduces details of the new SANS Red Teaming course - SEC564 Red Team Operations and Threat Emulation.