Join us for in-depth talks, exclusive networking, and world-class training at Security Awareness Summit Dec 1-4!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Could we have prepared for this? Attack Simulations for Blue Team Hardening

  • Monday, March 05, 2018 at 1:00 PM EST (2018-03-05 18:00:00 UTC)
  • Alissa Torres

You can now attend the webcast using your mobile device!



A post-compromise, post-remediation security team is comprised of steely-eyed veterans, tempered by the fire of system ownage and soul-wrenching defense and detection fails. Their experience is invaluable, but arrived at with significant cost to the organization. How can we grow such a hardened blue team of this metal without the cost and pain of time on the battlefield? Go beyond the tabletop walk-throughs and test the "load bearing" capacity of your threat detection and response (TDR) people, process and technology. Throw your team into simulations of the hard stuff; real world challenges that model complex multi-pronged attacks. Join Alissa Torres for this one hour session walk-through of stress-test techniques that develop your blue team and stop checking annual compliance boxes.

Speaker Bio

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.