RedTeamOps

Presented at DeepSec 2020 „The Masquerade“, Unknown date/time (Unknown duration).

Red team operations involve many skills, the operation requires a lot of monitoring, consolidating and caution. In order to perform red team operations faster and stealthier, without thinking about the infrastructure, every team has its' own habits and standards. However, there is a problem with those habits and standards: - There are tons of tools but no operation management, - No aggregation between these tools, - When OPSEC fails due to problems above or any other reason, it's essential to possess the capability of maintaining robust infrastructure which can be recreated if discovered, and more importantly, without any issues upon deployment. In this talk, infrastructure challenges we face as a red teamer will be discussed. Along with challenges, a solution will be proposed based on DevOps practices such as: - Design your infrastructure based on the standards and habits which your team has - Create playbooks which suit your needs based on your design - Create CI pipeline to test and maintain your playbooks

Presenters:

  • Mert Can Coşkuner - Trendyol   as Mert Can Coskuner
    Mert Can Coskuner is a Security Engineer at Trendyol. He is publishing a security blog at medium.com/@mcoskuner. In his free time Mert Can is performing malware, red team and threat intelligence research.
  • Caglar Cakici - Trendyol
    Mert Can Coskuner is a Security Engineer at Trendyol. He is publishing a security blog at medium.com/@mcoskuner. In his free time Mert Can is performing malware, red team and threat intelligence research.

Links:

Similar Presentations: