Learning To Love Your Attackers

SecTor 2015

Presented by: Ryan Linn
Date: Wednesday October 21, 2015
Time: 14:40 - 15:40
Location: 801B
Track: Tech

Opposing Forces (OPFOR) training is used by the military to help create realistic scenarios so that when they are deployed in battle they aren't encountering situations for the first time. Whether it's battle or incident response, that reaction time is critical to the success of a team. Most organizations have some degree of penetration testing as part of their security program, but by not utilizing it as part of an OPFOR program, they are missing out on the most critical part of a strong security program: the people. By focusing on real-world attack scenarios you can both improve your security by testing constraints and test your ability to respond to attacks. This in turn helps lower the time from compromise to detection and from detection to response, allowing incident response teams to mitigate the attack before it becomes newsworthy. This talk will discuss how to build one of these programs, how to engage testers in order to accomplish this, and goals that should be set to help make this process successful.

Chris Nickerson

Chris Nickerson, CEO of LARES, is just another “Security Guy” with a whole bunch of certs whose main area of expertise is focused on Real World Attack Modeling, Red Team Testing and InfoSec Testing. At Lares, Chris leads a team of security professionals who conduct Risk Assessments, Penetration Testing, Application Testing, Social Engineering, Red Team Testing and Full Adversarial Attack Modeling. Prior to starting Lares, Chris was Dir. of Security Services at Alternative Technology, a Sr. IT Compliance at KPMG, and a Sr. Security Architect and Compliance Manager at Sprint Corporate Security. Chris is a member of many security groups and was also a featured member of TruTV’s Tiger Team. Chris is the co-host of the Exotic Liability Podcast, the author of the upcoming “RED TEAM TESTING” book published by Elsevier/Syngress, and a founding member of BSIDES Conference.

Ryan Linn

Ryan has more than 15 years of experience in Information Security. He has worked as a Technical Team Leader, Database Administrator, Windows and UNIX Systems administrator, Network Engineer, Web Application developer, Systems programmer, Information Security Engineer, and is currently a Principal Consultant doing network penetration testing. Ryan has delivered his research about ATM security, network protocol attacks, and penetration testing tactics at numerous conferences, including Black Hat, DefCon, DerbyCon, Shmoocon, and SecTor to name a few. He is also an open source project contributor for projects such as Metasploit, Ettercap, and the Browser Exploitation Framework.

