Applied Purple Teaming

Presented at CircleCityCon 8.0 (2021) Virtual

Purple teaming is all about working together to make scenario-based testing a structured, ordered and repeatable exercise. This happens by engaging all relevant cyber offence and defence stakeholders, establishing a clear path from an initiative (an emerging threat) to a desired outcome (prevention and detection capabilities) and implementing this approach as an element of cyber security strategy.

During the talk we will touch on the purple teaming approach, focusing on its technical aspects – from an intelligence report and malware analysis, through developing and conducting TTP-based emulation, to remediating gaps by hardening configuration and fine-tuning monitoring alerts.


Presenters:

  • Paweł Kordos
    On a daily basis, a pentester@KMD who enjoys solving security issues. Former Senior Consultant@Big4 company. Experienced Cyber Security Trainer. Involved in offensive testing (Red Teaming) for multiple industries. His interests concern all aspects of computer security, with particular emphasis on Web security, malware creation and AD Exploitation. Previously delivered presentations at x33fcon, What The Hack and The Hack Summit.
  • Patryk Czeczko
    Technical director in the Purple Team in a global bank, managing cooperation between offensive and defensive teams, modelling and conducting TTP-based adversary simulations. Former lead of the Red Team in a Big4 company, managed and conducted tens of red team/purple team engagements for clients (mainly PL). Speaker at x33fcon, What The Hack and The Hack Summit. Areas of expertise and interest include adversary emulation, malware development and Windows/AD internals.
