Learn real-world cyber security skills directly from top industry experts during SANS Live Training events. Explore options.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Overt Operations | When the Red Team gets in your Face!

  • Friday, June 26, 2020 at 1:00 PM EDT (2020-06-26 17:00:00 UTC)
  • Matthew Toussain

You can now attend the webcast using your mobile device!



We talk covert operations all the time, but theres more. What does an advanced red team do when their cover is blown? What changes do you make when the blue team already knows you're there? How do we operate overtly!?

In this webcast we delve into the specialized world of advanced red teaming. Here we move beyond the basics of an active directory domain and discuss methods to acquire freedom of maneuver within a target environment by leveraging all of the nuance that makes each enterprise unique. We'll explore effects driven operations and examine techniques to safely target Industrial Control Systems (ICS). Finally, advanced red teamers don't simply attack enterprises; they craft techniques to attack the enterprise defenses, weaponizing them against the organization itself. The thing is... if the defenders already know youre there, what could be better than making them think youre everywhere!

Speaker Bio

Matthew Toussain

A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, Matthew has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst for Black Hills Information Security. In 2014, he started Open Security, which performs full-spectrum vulnerability risk assessments. He is co-author of SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment and has created numerous popular penetration testing tools. Matthew is also a Grand Champion of NetWars Tournament of Champions and holds 10+ security certifications.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.