Passing the Torch: Old School Red Teaming- New School Tactics

DerbyCon 4.0 - Family Rootz

Presented by: David McGuire, Will Schroeder
Date: Friday September 26, 2014
Time: 15:00 - 15:50
Location: Track 3

APT X- Target- Stuxnet; the media and public have started to pay more and more attention to sophisticated attackers and the havoc they can wreck. As evidence of advanced compromises becomes increasingly apparent- companies have begun to move beyond simple pentesting towards full blown threat simulation in order to effectively identify and mitigate the threat. However- red teaming operations are not a new concept- and advanced military teams have been simulating advanced adversaries long before the recent surge of attention from the private sector. While the tools and techniques of red teams may have changed- many of the procedures are still effective today.This presentation will aim to bridge the gap between the old and new- showing how the fundamental concepts of military red teaming still translate to the current landscape. We'll overview our take on operational red teaming and break out various engagement objective phases- including situational awareness- escalation- data mining- lateral movement- evasion and persistence. We'll trace through the "old school" way to achieve the objective- and then show how updated tools and techniques can enable modern operations. The fundamental tactics developed years ago are still very effective- and a new coat of paint makes them even more dangerous.

David McGuire

Will Schroeder


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats