Moving the Industry Forward – The Purple Team - David Kennedy Notacon 11 (Hacking Illustrated Series InfoSec Tutorial Videos)
Moving the Industry Forward – The Purple Team
Let’s start off with a strong statement – pentesting today isn’t working. The blue team today isn’t working. When a pentest occurs, even done by some of the industries leading folks and the quality is there – the pentesters go in, blow stuff up, write the report and leave a trail of destruction to be cleaned up until the next pentest. The next year, the same thing, the year after that the same thing. The blue team on the other hand is tasked with securing the entire company and one flaw exposes the entire organization to attack. I’m here to tell you that we can accomplish both and continue to strengthen how we defend and build detection – its called the Purple Team. Instead of doing covert testing, move to more of a blended approach and build out defenses against the entire lifecycle of a hack. This talk goes into how to structure the best and effective purple team within an organization as well as walk through a number of different attacks and how to defend them. Like my normal talks, I’ll be going through the Social-Engineer Toolkit (SET) and how you can actively block its attacks and use some cutting edge things that haven’t been discussed before on how to block the attacks in the toolkit.
David Kennedy (@hackingdave) is founder and principal security consultant of TrustedSec – An information security consulting firm located in Cleveland Ohio. David was the former Chief Security Officer (CSO) for a Fortune 1000 where he ran the entire information security program. Kennedy is a co-author of the book “Metasploit: The Penetration Testers Guide,” the creator of the Social-Engineer Toolkit (SET), and Artillery. Kennedy has presented on a number of occasions at Black Hat, Defcon, DerbyCon, ShmooCon, BSIDES, Infosec World, Notacon, AIDE, ISACA, ISSA, RSA, Infragard, Infosec Summit, Hack3rCon and a number of other security-related conferences. Kennedy has been interviewed by several news organizations including CNN, The Katie Couric Show, CNBC, Fox News, Fox Business, Bloomberg, Huffington Post, Neil Cavuto, Special Report with Bret Baier, On the Wirte with Greta, Chris Wallace, and BBC World News. Kennedy was formally on the Back|Track development team and Exploit-DB team and co-host of the Social-Engineer.org podcast. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.
to Notacon 11 video list
Printable version of this article