BSidesSF 2016 has ended
Back To Schedule
Monday, February 29 • 1:00pm - 1:55pm
Planning Effective Red Team Exercises

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

An effective red team exercise is substantially different from a penetration test, and it should be chartered differently as well. The scenario, objective, scope, and rules of engagement all need to be positioned correctly at the beginning in order to most closely simulate a real adversary and provide maximum value to the client.In this presentation, we’ll review best practices in each of these areas, distilled from conducting dozens of successful red team exercises - along with some war stories highlighting why each element matters. Those in offensive security will gain an understanding of how to manage the client’s expectations for this process, and how to guide them towards an engagement that provides a realistic measurement of their ability to prevent, detect, and respond to real attacks. Those in enterprise security will gain a deeper understanding of this style of assessment, and how to work with a red team to drive real improvement in their security programs.

avatar for Sean T. Malone

Sean T. Malone

Director, FusionX
Sean Malone has conducted full real-world red team attacks against dozens of different organizations. He knows how the adversary thinks and operates, because he has been that adversary countless times in his work as a consultant. Sean works with these organizations to improve their... Read More →

Monday February 29, 2016 1:00pm - 1:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103