A Red-Teamer's Guide to Building a Blue Team

Presented at Kernelcon 2020 Virtual, March 27, 2020, 2:45 p.m. (60 minutes)

How blue teamers and red teamers think is fundamentally different. This talk will delve into some of those details from a perspective of appreciating the differences – but it will not focus exclusively on them, as it is geared towards how to build a strong security team in general. Some of the aspects of a good blue team is Incident Response team, tuning a SIEM, solidifying network security and other opportunities for a better overall security posture. It will not focus on KU Health system and our systems/solutions, but instead will involve leadership strategies, technical details, and security posturing areas to consider.

Presenters:

• Mark Bayley
  Mark is the Infrastructure Security Manager at KU Hospital System, responsible for securing over 100+ locations across KS and MO. He is also an adjunct professor at Bellevue University, Liberty University, and MCCKC where he teaches IT Security from the Master's level down to Associate's.

Links:

• https://www.youtube.com/watch?v=ifImQaHEhqY

Similar Presentations:

• May Contain Hackers (MCH2022) / How to sneak past the Blue Team of your nightmares
• Diana Initiative 2020 Virtual / No Mom, I’m not a Hacker
• BruCON 0x0A (2018) / Mirror on the wall: using blue team techniques in red team ops