Spring Training 2015 - Red Team Testing
From BruCON 2016
Contents
Red Team Testing
Course Description
This is is NOT a tools course! Becoming proficient in Red Teaming is NOT something that can be taught only in a classroom. We will have multiple field exercises as well as hands-on classroom sessions.
This course will go over some of the tools and methods you MAY use in a Red Team assessment. Feel free to come up with your own styles.
- You will learn the basics of how to profile attackers and use your imagination to become one.
- Learn to act like a viable adversary of the target.
- Learn to analyse the security processes and technologies that are in place.
- Using what you observe, take advantage of what others have missed, to blend Electronic, Social and Physical security into a converged attack surface.
Requirements
Laptop with virtual machines running BackTrack and Windows (XP and above). Native OS can replace one of the VMs (i.e. a Windows OS hosting a Kali VM, or vice-versa).
Trainers Biography
Ian Amit
With over 15 years of experience in the information security industry, Ian Amit brings a mixture of Software development, OS, Network and web security to work on a daily basis. He is a frequent speaker at leading security conferences around the world (including Black Hat, DefCon, OWASP, InfoSecurity, etc...), and have published numerous articles and research material in leading print, online and broadcast media.Ian is currently serving as a Vice President at the Social Risk Management company ZeroFOX.
Ian is one of the founders of the Penetration Testing Execution Standard (PTES), its counterpart – the SexyDefense initiative, and a core member of the DirtySecurity crew.
Ian holds a Bachelor's degree in Computer Science and Business Administration from the Interdisciplinary Center at Herzlya.
Chris Nickerson
Chris Nickerson is a Certified Information Systems Security Professional (CISSP) whose main area of expertise is focused on information security and Social Engineering. In order to help companies better defend and protect their critical data and key information systems. He has created a blended methodology to assess, implement, and manage information security realistically and effectively.
At Lares, Chris leads a team of security consultants who conduct Security Risk Assessments, which can cover everything from penetration testing and vulnerability assessments, to policy design, computer forensics, Social Engineering, Red Team Testing and regulatory compliance. Prior to starting Lares, Chris was Director of Security Services at Alternative Technology, a Sr. Auditor for SOX compliance at KPMG, Chief Security Architect at Sprint Corporate Security, and developed an enterprise security design as network engineer for an international law firm. Chris also served in the U.S Navy.
Certified Information Systems Security Professional (CISSP)Certified Information Security Auditor (CISA)BS7799 Lead Auditor Accreditation (BS7799)NSA Infosec. Assessment Methodology (NSA IAM)Specialties: Vulnerability Assessment, Risk Assessment, Compliance, HIPAA,GLBA,PCI,SOX,17799/ 27001, Penetration Testing, Application Security Assessment, Physical Security, Social Engineering.
Wed. 22 - 24 April 2015 (09:00 - 17:00)