Play all

Introduction

Talk Outline

Wargames

Wargame Examples - CTF

Engagement Definition

Terminology Review

Red Teaming - Defined

What is a Red Team Exercise?

Security Maturity Models

Red Team - 3 Target Areas

Wargaming Computer Security

New Ideas for Security Testing

What is a Threat Scenario

Threat Scenarios same as RT?

This is just Red Teaming!

Example Scenario

Cobalt Strike - Redirectors

Putter Panda c2 callback

Cobalt Strike FTW!

C2: Internal or External

DNS Registration

Cloud Service Provider

Traffic Generation

ACME Gas - Exercise

Threat Model: Hacktivism

Scenario Development in ROE

ACME Gas - White Card Access

Lateral Movement into Servers

Lateral into Server Subnet

The Hunt Develops

And the Game would continue..

Cobalt Strike Report - MD5

Cobalt Strike - Activity

Cobalt Strike - Session

Cobalt Strike - Pivot Path

Closing Thoughts

Description:

Explore the intricacies of planning and executing a red team engagement in this comprehensive conference talk from BSides Columbus 2017. Delve into wargaming concepts, engagement definitions, and security maturity models. Learn about the three target areas of red teaming and discover new ideas for security testing. Examine threat scenarios and their relationship to red team exercises. Gain insights into tools like Cobalt Strike and its features for C2 communication and traffic generation. Follow along with a practical example scenario involving ACME Gas, covering threat modeling, scenario development, lateral movement, and hunt team responses. Analyze Cobalt Strike reports and pivot paths to enhance your understanding of red team operations. Conclude with valuable closing thoughts on effective red team engagements.

Planning and Executing a Red Team Engagement

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Security BSides #Threat Modeling #Lateral Movement #Programming #Software Development #Software Testing #Security Testing

0:00 / 0:00