A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Moving the Industry Forward – The Purple Team — David Kennedy (Circle City Con 2014 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Moving the Industry Forward – The Purple Team — David Kennedy
Circle City Con 2014
http://circlecitycon.com

Abstract:Let’s start off with a strong statement – pentesting today isn’t working. The blue team today isn’t working. When a pentest occurs, even done by some of the industries leading folks and the quality is there – the pentesters go in, blow stuff up, write the report and leave a trail of destruction to be cleaned up until the next pentest. The next year, the same thing, the year after that the same thing. The blue team on the other hand is tasked with securing the entire company and one flaw exposes the entire organization to attack. I’m here to tell you that we can accomplish both and continue to strengthen how we defend and build detection – its called the Purple Team. Instead of doing covert testing, move to more of a blended approach and build out defenses against the entire lifecycle of a hack. This talk goes into how to structure the best and effective purple team within an organization as well as walk through a number of different attacks and how to defend them. Like my normal talks, I’ll be going through the Social-Engineer Toolkit and how you can actively block its attacks and use some cutting edge things that haven’t been discussed before on how to block the attacks in the toolkit.

Back to Circle City Con 2014 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast