building a practical
play

BUILDING A PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R - PowerPoint PPT Presentation

Aug 17, 2022 •148 likes •358 views

TACTICAL ADVERSARY: BUILDING A PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R [Abx Abx] DEFCON 28 SAFE MODE DCG VILLAGE 2020, AUG 7TH tacticaladversary.io *image credits goes to https://tacticaladversary.io/ ABHIJITH B R [Abx]

  1. TACTICAL ADVERSARY: BUILDING A PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R [Abx Abx] DEFCON 28 SAFE MODE DCG VILLAGE 2020, AUG 7TH tacticaladversary.io *image credits goes to https://tacticaladversary.io/

  2. ABHIJITH B R [Abx] • Leading Offensive security operations in a global FinTech company • Former Deputy Manager cyber security at Nissan motor corporation, previously with EY • A decade of experience in the security domain • Founder of https://RedTeamVillage.org community [No, It is not associated with DC] @abhijithbr • Lead at DEFCON Group Trivandrum (https://dc0471.org/) • Started running https://tacticaladversary.io blog this year DEFCON 28 DCG VILLAGE 2020

  3. LET’S MAKE IT CLEAR! DEFCON 28 DCG VILLAGE 2020

  4. VULNERAB VULNERABILITY ILITY ASSESSMENT ASSESSMENT IS NOT IS NOT RED TEAMING RED TEAMING. DEFCON 28 DCG VILLAGE 2020

  5. PEN PENETRAT ETRATION TE ION TESTING STING IS ALSO NOT IS ALSO NOT RED TEAMING RED TEAMING. DEFCON 28 DCG VILLAGE 2020

  6. WHAT IS RED WHAT IS RED TEAM TEAM Historically, a red team was a group of military personnel playing the role of adversaries, the role of the enemy or opposing force team (“ RED ”), as opposed to the friendly forces team (“ BLUE ”). With time, the red teams mission and capabilities evolved and they turned into a force tasked with challenging the security posture of military bases, outposts and other “targets”. [Redteams.net] DEFCON 28 DCG VILLAGE 2020

  7. WHAT WHAT IS RED IS RED TEAM TEAM A RED TEAM IS A GROUP OF HIGHLY SKILLED PEOPLE THAT CONTINUOUSLY CHALLENGE THE PLANS, DEFENSIVE MEASURES AND SECURITY CONCEPTS. [Redteams.net]

  8. Our Red Team will be doing pentest and vuln scanning for the clients. Security sales guy from Security company XYZ

  9. Conceptual Red Team vs Blue Team Portrayed as native Kerala martial art form “ Kalari Payatu ” DEFCON 28 DCG VILLAGE 2020 *Art created for RedTeamVillage.org at c0c0n conference, 2018

  10. BUILDI BUILDING AN NG AN INTERNAL INTERNAL RED TEAM RED TEAM. . [ADVERS [ADVERSARIAL ARIAL SI SIMULATION MULATION] DEFCON 28 DCG VILLAGE 2020

  11. INTERN INTERNAL AL RED TEAM RED TEAM OPERATIONS OPERATIONS FRAMEWORK FRAMEWORK* IRTO – PHASE 2 IRTO – PHASE 3 IRTO – PHASE 4 IRTO – PHASE 1 IRTO – PHASE 3 DEFCON 28 DCG VILLAGE 2020 *image credits goes to respective owners. *this is still a work in progress.

  12. PHASE 1 1 CRAWL IRTO IRTO – PHASE CRAWLING ING • Get the budget approval • Define the practical goals, objectives • Identify the crown jewels and people • Rules of engagement (ROE), reporting and other process documentation • Assistance from the Management and Legal department • Understand the security posture of the organization • Hire the talent – The Red Team DEFCON 28 DCG VILLAGE 2020

  13. THE THE A A TEAM TEAM DEFCON 28 DCG VILLAGE 2020 *image credits goes to respective owners.

  14. PHASE 2 GET IRTO IRTO – PHASE GET ON YOUR FEET ON YOUR FEET • Red Team external infrastructure (Digital ocean, GCP, AWS) • Corp. tools, Improvised open source tooling capabilities • Identifying the business specific risks • Be friends with your organization’s Blue Team • Adversarial Emulation (Atomic red team, Caldera etc) • Manual campaigns against the organization and employees • Validate current defense mechanisms with blue team (MITRE) • External attack surface discovery and mapping • Designing a remediation process to address issues DEFCON 28 DCG VILLAGE 2020

  15. PHASE 3 3 START IRTO IRTO – PHASE START WALKING WALKING • Improved Tools, techniques and procedures (TTP’s) based on current security posture • Identify and eradicate findings 1, 2 - crown jewels and people* • Evaluation of Incident response process* • Automated Adversary Emulation • Automated campaigns • Targeted APT emulation based on Threat Intel • Improvised RTO process documentation DEFCON 28 DCG VILLAGE 2020

  16. PHASE 4 START IRTO IRTO – PHASE START RUN RUNNING NING • Collaborative and continuous Purple team exercises • Enterprise tooling capabilities • Targeted campaigns against the Crown jewels and key people • Overt physical security assessments • Continuous awareness programme for employees and key people • Continuous training process for operators and defenders • Proactive remediation process and plans DEFCON 28 DCG VILLAGE 2020

  17. PHASE 5 TIME IRTO IRTO – PHASE TIME TO FLY TO FLY • Matured red team operations • Significant improvement of organizational security posture • Highly skilled operators • Covert physical security assessments • Custom tooling capabilities • Continuous Adversary simulation to keep the defenders on their toes. • Continuous RTO with well defined process DEFCON 28 DCG VILLAGE 2020

  18. PLANS PLANS: : STR STRATEGIC ATEGIC AND AND TACTICAL TACTICAL TACTICAL PLAN 1 + TACTICAL PLAN 2 + TACTICAL PLAN N STRATEGIC PLAN = [Long term objective] [Divided into short term tactical engagements] *The management always need updates DEFCON 28 DCG VILLAGE 2020

  19. Q&A Q&A Reach me on Discord Abx Abx#1 #147 474 twitter: @abhi abhijithbr jithbr DEFCON 28 DCG VILLAGE 2020

  20. Special thanks to, Jayson E Street DEF CON Groups TX and DEF CON Group Delhi DEF CON Group Trivandrum members DEFCON 28 DCG VILLAGE 2020 *image credits goes to https://tacticaladversary.io/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Sick Building Syndrome and Building-Related Illness Claims: Defining the Practical and Legal

Sick Building Syndrome and Building-Related Illness Claims: Defining the Practical and Legal

Sick Building Syndrome and Building-Related Illness Claims: Defining the Practical and Legal Issues (The Construction Lawyer, October 1994, Volume 14, Number 4) Thomas F. Icard, Jr., and Wm. Cary Wright After more than a decade of litigation

321 views • 20 slides
Capacity Building Measures for Practioneers Practical Insights for Practice Management and

Capacity Building Measures for Practioneers Practical Insights for Practice Management and

Committee for Capacity Building of Members in Practice Capacity Building Measures for Practioneers Practical Insights for Practice Management and Development - CA Nilesh Vikamsey November 08, 2019 1 Setting the Context Current Position of

808 views • 79 slides
6/3/20 PRACTICAL SKILLS-BUILDING Breakout for Lectors image: McKinsey.com PROCLAMATION:

6/3/20 PRACTICAL SKILLS-BUILDING Breakout for Lectors image: McKinsey.com PROCLAMATION:

6/3/20 PRACTICAL SKILLS-BUILDING Breakout for Lectors image: McKinsey.com PROCLAMATION: NECESSARY SKILLS understanding of passages and their scriptural context Lector Workbook http://www.usccb.org/bible/readings-audio.cfm Give Us

411 views • 3 slides
Building Practical Alliances: balancing independence & cooperation Andy Milne, Chief

Building Practical Alliances: balancing independence & cooperation Andy Milne, Chief

Building Practical Alliances: balancing independence & cooperation Andy Milne, Chief Executive French foreign minister Robert Schuman on the purpose of the European Coal and Steel Community, 1950 make war not only unthinkable but

529 views • 11 slides
Positive Neuroplasticity: The Practical Brain Science of Building Lasting Psychological Resources

Positive Neuroplasticity: The Practical Brain Science of Building Lasting Psychological Resources

Positive Neuroplasticity: The Practical Brain Science of Building Lasting Psychological Resources Madrid, June 24 & 25, 2017 Rick Hanson, Ph.D. Greater Good Science Center University of California at Berkeley www.RickHanson.net Mental

1.62k views • 116 slides
9/1/2015 8 PILLARS FOR EXPONENTIAL BUS INES S GROWTH A PRACTICAL GUIDE TO BUILDING YOUR

9/1/2015 8 PILLARS FOR EXPONENTIAL BUS INES S GROWTH A PRACTICAL GUIDE TO BUILDING YOUR

9/1/2015 8 PILLARS FOR EXPONENTIAL BUS INES S GROWTH A PRACTICAL GUIDE TO BUILDING YOUR BOOKKEEPING BUSINESS OR ACCOUNTING FIRM What are the 8 Pillars? Pillar 7: Value Added S ervices 1 9/1/2015 Overview Introduction Value

434 views • 4 slides
QI TALK TIME Building an Irish Network of Quality Improvers Liberating Structures: Practical

QI TALK TIME Building an Irish Network of Quality Improvers Liberating Structures: Practical

QI TALK TIME Building an Irish Network of Quality Improvers Liberating Structures: Practical Tools to energise, inspire and deliver frontline solutions. Speaker: Dr Rob Cunney and Juanita Guidera 5 th Dec 2017 1-2 pm Connect Improve Innovate

842 views • 38 slides
ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long

ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long

ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long Preliminary Work Paper 13 th USENIX Workshop on Cyber Security Experimentation and Test August 10, 2020 Benjamin Green Richard Derbyshire William

418 views • 12 slides
Building Bridges: Practical Tips for a Successful Heads Transition Moorestown Friends School

Building Bridges: Practical Tips for a Successful Heads Transition Moorestown Friends School

Building Bridges: Practical Tips for a Successful Heads Transition Moorestown Friends School NAIS Annual Conference February 27, 2020 Introductions Julia de la Torre , Current Head of School Larry Van Meter , Former Head of School Barbara

773 views • 19 slides
Practical Advice for Building Machine Learning Applications Machine Learning Based on lectures

Practical Advice for Building Machine Learning Applications Machine Learning Based on lectures

Practical Advice for Building Machine Learning Applications Machine Learning Based on lectures and papers by Andrew Ng, Pedro Domingos, Tom Mitchell and others 1 ML and the world Making ML work in the world Mostly experiential advice Also

863 views • 69 slides
OPERATIONS FRAMEWORK BUILDING YOUR PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R [Abx

OPERATIONS FRAMEWORK BUILDING YOUR PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R [Abx

INTERNAL RED TEAM OPERATIONS FRAMEWORK BUILDING YOUR PRACTICAL INTERNAL RED TEAM ABHIJITH ABHIJITH B R B R [Abx Abx] RED TEAM VILLAGE THE DIANA INITIATIVE, AUG 21-22, 2020 https://dianainitiative.org https://redteamvillage.org

332 views • 20 slides
QI TALK TIME Building an Irish Network of Quality Improvers Practical techniques and tools for

QI TALK TIME Building an Irish Network of Quality Improvers Practical techniques and tools for

QI TALK TIME Building an Irish Network of Quality Improvers Practical techniques and tools for Quality Improvers Speaker: Gail Nielsen 7 th March 2017 1-2 pm Connect Improve Innovate Gail Neilsen Gail A. Nielsen is an accomplished

576 views • 31 slides
Practical Experience with Practical Experience with Practical Experience with Practical

Practical Experience with Practical Experience with Practical Experience with Practical

Practical Experience with Practical Experience with Practical Experience with Practical Experience with performance monitoring performance monitoring performance monitoring performance monitoring Ryszard Jurga CERN openlab March 29, 2006

577 views • 24 slides
Building your digital strategy A practical guide John White Chief Operating Officer The Space

Building your digital strategy A practical guide John White Chief Operating Officer The Space

Building your digital strategy A practical guide John White Chief Operating Officer The Space 29/01/2017 What do we mean by digital? Audiences: reaching and engaging audiences online Content: Using technology to create content for

513 views • 50 slides
ARDUINO & ELECTRONICS PRACTICAL PRACTICAL SESSION 1 Part of SmartProducts ARDUINO &

ARDUINO & ELECTRONICS PRACTICAL PRACTICAL SESSION 1 Part of SmartProducts ARDUINO &

ARDUINO & ELECTRONICS PRACTICAL PRACTICAL SESSION 1 Part of SmartProducts ARDUINO & ELECTRONICS PRACTICAL Fjodor van Slooten PRACTICAL SESSION 1 W241 (Horst-wing West) f.vanslooten@utwente.nl Goal: Become familiar with Electronics

437 views • 18 slides
Development of Useful and Practical Checklists The Third and Forth Workshop for Urban Resilience

Development of Useful and Practical Checklists The Third and Forth Workshop for Urban Resilience

1 Building Disaster and Climate Resilient Cities in ASEAN (CN18) Development of Useful and Practical Checklists The Third and Forth Workshop for Urban Resilience in ASEAN March 03, 2017 JICA Project Team Contents of Presentation 1.

465 views • 9 slides
I A-64, the Trillian project, and CERNs involvement CERN Computing Seminar 1 17 May 2000

I A-64, the Trillian project, and CERNs involvement CERN Computing Seminar 1 17 May 2000

S.Jarp CERN I A-64, the Trillian project, and CERNs involvement CERN Computing Seminar 1 17 May 2000 CERN Main justifications S.Jarp Contribute to Open Source Be fully prepared to evaluate I A-64 for LHC computing I nfluence

622 views • 28 slides
Housing, the NZ Business Cycle and Macro Im balances Peter Jarrett OECD Economics Department

Housing, the NZ Business Cycle and Macro Im balances Peter Jarrett OECD Economics Department

Housing, the NZ Business Cycle and Macro Im balances Peter Jarrett OECD Economics Department OECD Economics Department 23 June 2011 Outline 1. Features of the most recent NZ housing boom F t f th t t NZ h i b 2. How NZ housing cycles

586 views • 34 slides
Fund the People Fund the People Fund the People is the national campaign to maximize investment

Fund the People Fund the People Fund the People is the national campaign to maximize investment

Talent-Investing: Driving the Future of Nonprofits & Philanthropy March 2019 Justice. Performance. Impact. Sustainability. Fund the People Fund the People Fund the People is the national campaign to maximize investment in the nonprofit

1.08k views • 45 slides
Planning and Optimization A2. What is Planning? Gabriele R oger and Thomas Keller Universit

Planning and Optimization A2. What is Planning? Gabriele R oger and Thomas Keller Universit

Planning and Optimization A2. What is Planning? Gabriele R oger and Thomas Keller Universit at Basel September 19, 2018 Planning Task Examples How Hard is Planning? Getting to Know a Classical Planner Summary Content of this Course

654 views • 36 slides
Temperature Gradient System (TemGraS) Jelena Maricic, YujingSun, Radovan Milincic University of

Temperature Gradient System (TemGraS) Jelena Maricic, YujingSun, Radovan Milincic University of

Temperature Gradient System (TemGraS) Jelena Maricic, YujingSun, Radovan Milincic University of Hawaii at Manoa November 23 rd , 2016 Requirements RTD of choice for PT-102 (samples in hand both calibrated and non-calibrated)

664 views • 9 slides
CS 378 Computer Vision Oct 22, 2009 Outline: Stereopsis and calibration I. Computing

CS 378 Computer Vision Oct 22, 2009 Outline: Stereopsis and calibration I. Computing

CS 378 Computer Vision Oct 22, 2009 Outline: Stereopsis and calibration I. Computing correspondences for stereo A. Epipolar geometry gives hard geometric constraint, but only reduces match for a point to be on a line. Other soft constraints

858 views • 38 slides
CS786 Lecture 12: May 12, 2012 Inference as Optimization (continued) [KF Chapter 11] CS786 P.

CS786 Lecture 12: May 12, 2012 Inference as Optimization (continued) [KF Chapter 11] CS786 P.

26/06/2012 CS786 Lecture 12: May 12, 2012 Inference as Optimization (continued) [KF Chapter 11] CS786 P. Poupart 2012 1 Cluster Tree Recap Variable elimination: Induces a cluster tree Inference: message propagation on cluster tree

246 views • 8 slides
Clique trees 2 Graphical Models 10708 Carlos Guestrin Carnegie Mellon University October 3

Clique trees 2 Graphical Models 10708 Carlos Guestrin Carnegie Mellon University October 3

New reading: Chapter 7 of Koller&Friedman Clique trees 2 Graphical Models 10708 Carlos Guestrin Carnegie Mellon University October 3 rd , 2005 Announcements Homework 2: Out today/tomorrow Programming part in groups of 2-3

628 views • 33 slides

More recommend