Be Evil | A Toolset for Tier 1 Threat Emulation

Presented at Wild West Hackin' Fest 2019, Oct. 25, 2019, 9 a.m. (60 minutes)

Some intrusion sets are elite, top tier. Others... not so much. An emerging service in the information security community is the emulation of these threat groups in all their incarnations. Proven security. The concept is as desirable as it is mathematically impossible. Given that cybersecurity risk is a facet of both threat and impact, proving security against a given threat actor requires more than traditional pentest and red team engagements. It requires a combined toolset of tactics and capabilities tailored to drive effects against the networks that we are tasked to defend. In this talk we explore real attack tactics and unveil an open source toolkit driven to enable advanced threat emulation.

Presenters:

• Matthew Toussain
  Matthew Toussain is the founder of Open Security and an analyst with CounterHack. As an avid information security researcher, Matthew regularly hunts for vulnerabilities in computer systems and releases tools to demonstrate the effectiveness of attacks and countermeasures. He has been a guest speaker at many conference venues, including DEFCON. Matthew is an author of SEC460: Enterprise Threat and Vulnerability Assessment.

Links:

• https://wildwesthackinfest2019.sched.com/event/RryZ/be-evil-a-toolset-for-tier-1-threat-emulation

Similar Presentations:

• DeepSec 2020 „The Masquerade“ / Improve Your Threat Hunt With Adversary Emulation
• Black Hat Europe 2021 / TeamTNT: Explosive Cryptomining