Become more effective at your job with hands-on cyber security training in Austin. Save $350 thru 9/25.


To attend this webcast, login to your SANS Account or create your Account.

Breaking Red - Designing IOCs Using Red Team Tools

  • Monday, September 18th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Joe Vest
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct "Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different that other security tests? Isn't current penetration and vulnerability security testing enough?

Red Teaming share many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture. 

Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.

This presentation continues to introduce Red Teaming concepts in the "Breaking Red" series and introduces details to the new SANS Red Teaming course - SEC564 Red Team Operations and Threat Emulation.

Speaker Bio

Joe Vest

Joe Vest has worked in the information technology industry for over 17 years with a focus on red teaming, penetration testing and application security. As a former technical lead for a DoD red team, he has extensive knowledge of cyber threats and their tactics, techniques, and procedures including threat emulation and threat detection. Joe is the co-founder of the security consulting company MINIS LLC, providing innovative solutions for the mitigation against an ever-changing cyber threat. He is the co-author of the SANS SEC564 Red Team Operations and Threat Emulation course. He was the technical editor for the book RTFM - Red Team Field Manual. As a leading security professional, he has achieved numerous security certifications: OSCP, CISSP-ISSMP, CISA, GPEN, GCIH, GWAPT, CEH, Security+

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.