Breaking Red - Understanding Threats through Red Teaming

  • Friday, 17 Mar 2017 3:00PM EST (17 Mar 2017 19:00 UTC)
  • Speakers: Joe Vest, James Tubberville

The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct \Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different that other security tests? Isn't current penetration and vulnerability security testing enough?

Red Teaming share many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture.

Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.

This presentation introduces Red Teaming concepts and the new SANS Red Teaming course - SEC564 Red Team Operations and Threat Emulation