Description: This talk is designed to complement the “Red Team X” talk tomorrow, and provide context for organizations who either think about engaging in a red team test, or have been doing red teaming and want to see more value out of it. In this talk we’ll cover some of the basic elements of what red teaming is, and specifically how it benefits an organization engaging in such a practice. Red teaming by itself is a high-interaction test. Unlike many other tests (namely penetration testing, compliance engagements, vulnerability assessments and other IT related practices), red team is not limited to the technical scope of the organization’s security infrastructure. As such, it is imperative to be able to extract as much value out of a red team engagement as possible, and see return on that investment in as many different areas of the organization as possible. Based on years of experience in conducting red team tests, training and helping organizations improve their security through red teaming, these insights will be applicable to everyone who is seeing red in their future (and you all should in order to really address security in an organization that has people working in it and not just machines).

Bio: Ian Amit is an IOActive Director of Services with over a decade of experience in both hands-on and strategic roles, working fluently in all manner of security-related fields: business, industry, technical, and research. Currently positioned to represent IOActive in the east coast from New York City, Ian brings our customers the benefit of his proven leadership, innovative management style, and established expert media presence while overseeing engagements for technical, financial, healthcare and government clients. Ian also leads the Red Team practice in IOActive, leveraging his years of experience on private, public and government engagements. He speaks publicly on security topics that include the technical and strategic, as well as marketing, strategy, and policies, working at the highest levels of corporate and multi-national engagements

Back to Derbycon 2013 video list