Steel Sharpens Steel: Using Red Teams to improve Blue Teams

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 4 p.m. (50 minutes).

Understanding, anticipating, and identifying the wide array of evolving threats facing organizations today requires well-developed skills, experience, and analytical prowess. Table top exercises and expensive training courses can only get you so far. There is no better training method than creating real world quality adversarial sparring within the control of your own enterprise. Current Incident Response programs can integrate Red team exercises to simulate an adversary’s mindset and tactics, techniques, and procedures (TTPs) to mature processes, validate system protections and enhance the skills of staff. Adaptive red team exercises create a cycle of rapid improvement in both detection and response within today’s Blue Team programs. We will discuss real world examples to find deficiencies in staff skills, processes, and technologies. Along with the metrics and data to back it up. Christopher Payne is a Senior Director of Cyber Security at Target. In his role, Chris has responsibility for Incident Response, Compliance Monitoring, Adversary Simulation, and Cyber Hunting across the Target enterprise. In addition, Chris founded the annual cyber security conferences GrrCON & BrrCon. Chris is an international speaker on information security topics and has been featured by multiple television, radio, internet and print organizations. @EggDropX

Presenters:

Links:

Similar Presentations: