Becoming the Threat, The Making of A World Class Security Team

Presented at Blue Team Con 2022, Aug. 28, 2022, 11 a.m. (50 minutes)

Are you cleverer than a Malware author? Do you feel like you are just waiting on someone or groups of someone's to make their next move and hoping that your defenses can manage? Of course, they don't always do they? And that is because, waiting for the threat to happen, means you are forever behind the power curve. I have created malware that can consistently morph to blow past defenses, but in this case, it is tamed, it doesn't actually cause harm, and stays within your control. Why would I do that? To test the defenses, I wanted to become the malware author so the threat I am working to beat is me! And I want to teach you to do the same. I will walk you through simulated ransomware with various techniques that can be launched in a test environment to test your defenses. Then I am going to show you where common security products fail, where humans fail, and where you can iterate to teach yourself to be different.


  • Aaron Rosenmund - Director of Security Research and Development, Pluralsight
    Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber security workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySa+, CASP.

Similar Presentations: