Presentation is loading. Please wait.

Presentation is loading. Please wait.

Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya.

Published byCurtis Bryce Hancock Modified over 9 years ago

Similar presentations

Presentation on theme: "Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya."— Presentation transcript:

1 Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

2 Intro - Greg Huff  CISSP  Sr. Engineer – Red Team  Co-founded Red Team for Fortune 50

3 Why do we do security testing?  Industry compliance  PCI  FIPS  Government regulations  HIPAA  GLBA  FISMA  Number 1 reason why??:  Because we have to!

4 Vulnerability Assessment  Fully automated  Can be scheduled  Real-time detections  Interpretation of results requires some technical knowledge.  Detects presence of public exploits, misconfigurations, outdated patch levels, default credentials, etc.

5 Vulnerability Assessment (cont.) Commonly used tools:  Nessus  Configurations, patch levels, public exploits  Burp Suite  Web applications, API’s  Nexpose  Similar to Nessus, browser-based checking

6 Penetration Testing  Combination of automated and manual testing  Results of vulnerability scan may lend to successful penetration into an environment.  Exploitation of known vulnerabilities  Privilege escalation  Generally not designed to be stealthy or test response plans and defensive capabilities

7 Penetration Testing (cont.) Commonly used tools  Often the same as vulnerability scan tools  Exploitation frameworks  Usually targeted against specific infrastructure/applications

8 Red Team  Real-world attack simulation  Significant reconnaissance effort  Penetration into environment  Avoidance of security monitoring  Persistence maintained

9 Red Team (cont.)  Wide variety of attacks  Advanced social-engineering  Physical attacks  Custom exploit development  Act as aggressors to test defensive capabilities and response  More deliberate, paced compared to a standard pen test  Will adapt to countermeasures, maintain persistence, and continue attacks  Goal/scenario-based testing

10 Testing Comparison 10 Level of Effort, Cost and Time Attack Sophistication Vulnerability Assessment Penetration Testing Red Team Unsophisticated Threats Misconfigurations Default creds Largest Threat Landscape Hactivists Script Kiddies Identity Theft High Capability Threats (Nation States, Organized Crime, APT)

11 Should I have an internal Red Team?  Need vs. want  Org size  Regulatory requirements  Security funding  Industry Do I want to know what I don’t?  Org socialization  Mission statement  Service catalog  Partnerships with HR, legal, etc.  Learning opportunities First question to ask…

12 IamA Red Teamer AMA!

Download ppt "Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya."

Similar presentations

PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.

PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Bill McClanahan – Principal Business Consultant LPS Integration.

Bill McClanahan – Principal Business Consultant LPS Integration.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
JARED BIRD Nagios: Providing Value Throughout the Organization.

JARED BIRD Nagios: Providing Value Throughout the Organization.
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.

1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.

Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Vulnerability Testing Approach Prepared By: Phil Cheese Nov 2008.

Vulnerability Testing Approach Prepared By: Phil Cheese Nov 2008.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.
Vulnerability Assessment & Penetration Testing By: Michael Lassiter Jr.

Vulnerability Assessment & Penetration Testing By: Michael Lassiter Jr.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802

Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802
Web Application Security Assessment and Vulnerability Assessment.

Web Application Security Assessment and Vulnerability Assessment.
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter.

BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter.

Similar presentations

Ads by Google