| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Russell Butturini & Joshua Tower Every security team invests tons of money in detective and preventative technologies. But how do they know they are working? Sure, there are pen tests, vulnerability scans and the old "if we see stuff happening it's probably OK" theory, but none of these reflect real world attacks. Security teams need QA tools for their defenses designed to simulate targeted attacks by attackers of various intelligence levels in a distributed fashion. This helps teams to understand what their tools are seeing and, more importantly, what they are not seeing. This talk will examine these gaps, and also demo a tool, Skiddiemonkeys. This tool is based on the Netflix "Chaos Monkey" principles and designed to create a variety of randomized, semi-controlled bad actors across a distributed environment to test security tools and help security teams learn how they react to or reflect malicious events on the network.
Bio:
Russell Butturini & Joshua Tower
@tcstoolHax0r
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast