OPFOR 4Ever

Presented at DEF CON 20 (2012), July 29, 2012, 10 a.m. (50 minutes)

Training utilizing Opposing Forces, or OPFOR, is an exercise focused on improving detection and response through the principle of "train as you fight." We will demonstrate how we have applied OPFOR to build a continuous feedback loop between penetration testing and incident response. In OPFOR 4Ever, the defense trains the offense just as much as the offense trains the defense, and the exercise has no end date. Come see us demonstrate some attacks as seen from the point of view of the defender as well as the attacker. You can then watch the replay as we use OPFOR principles to evolve these attacks to a form more suitable for real-world penetration testing, pentesting that strives to better simulate what blackhats actually do. This of course raises the bar for incident responders. Evolve or die.

Presenters:

• Christopher Pogue - Managing Consultant, Trustwave SpiderLabs
  Christopher Pogue is the Managing Consultant of the SpiderLabs Incident Response and Digital Forensics team. Having served as a US Army Signal Corps Warrant Officer, he worked on digital forensic investigations and as Cyber Security Instructor. Pogue joined the IBM Internet Security Systems (ISS) X-Force after leaving the military. As a Penetration Tester and Forensic Investigator with IBM, he performed over 300 penetration tests and 50 investigations. In his role with SpiderLabs, Pogue leads the team that performs investigations all over the United States, Central and South America, and the Caribbean Islands. He also assists local, state, and federal law enforcement agencies with cases involving digital media.
• Tim Maletic - Senior Security Consultant,Trustwave SpiderLabs
  Tim Maletic is a Senior Security Consultant within the Penetration Testing team at Trustwave's SpiderLabs. Tim has been working in IT since the birth of the web, and has been focused full-time on information security since 2001. Prior to joining Trustwave, Tim held positions as Senior UNIX Engineer, Senior Security Engineer, and Information Security Officer.

Links:

• https://defcon.org/html/defcon-20/dc-20-speakers.html#Maletic
• https://infocon.org/cons/DEF CON/DEF CON 20/DEF CON 20 video and slides/DEF CON 20 - Tim Maletic and Christopher Pogue - OPFOR 4Ever - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=TbKhFW4xK50

Similar Presentations:

• DerbyCon 2.0 Reunion (2012) / CounterSploit! (MSF as a defense platform)
• DeepSec 2015 „DeepSec No. 9“ / Temet Nosce - Know thy Endpoint Through and Through; Processes to Data
• Black Hat USA 2014 / The State of Incident Response