• Home

  • Documents

  • Red Team “You keep using that word, I do not think it means what you think it means” – Inigo...
12
Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Tags:

Embed Size (px)

Citation preview

Page 1: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Red Team“You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Page 2: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Intro - Greg HuffCISSP

Sr. Engineer – Red Team

Co-founded Red Team for Fortune 50

Page 3: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Why do we do security testing? Industry compliance

PCI FIPS

Government regulations HIPAA GLBA FISMA

Number 1 reason why??: Because we have to!

Page 4: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Vulnerability AssessmentFully automated

Can be scheduled

Real-time detections

Interpretation of results requires some technical knowledge.

Detects presence of public exploits, misconfigurations, outdated patch levels, default credentials, etc.

Page 5: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Vulnerability Assessment (cont.)

Commonly used tools:

Nessus Configurations, patch levels, public exploits

Burp Suite Web applications, API’s

Nexpose Similar to Nessus, browser-based checking

Page 6: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Penetration TestingCombination of automated and manual testing

Results of vulnerability scan may lend to successful penetration into an environment.

Exploitation of known vulnerabilities

Privilege escalation

Generally not designed to be stealthy or test response plans and defensive capabilities

Page 7: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Penetration Testing (cont.)

Commonly used tools

Often the same as vulnerability scan tools

Exploitation frameworks

Usually targeted against specific infrastructure/applications

Page 8: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Red TeamReal-world attack simulation

Significant reconnaissance effort

Penetration into environment

Avoidance of security monitoring  

Persistence maintained

Page 9: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Red Team (cont.)

Wide variety of attacks Advanced social-engineering

Physical attacks

Custom exploit development

Act as aggressors to test defensive capabilities and response

More deliberate, paced compared to a standard pen test

Will adapt to countermeasures, maintain persistence, and continue attacks

Goal/scenario-based testing

Page 10: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Testing Comparison

10

Level of Effort, Cost and Time

Att

ack

Sophis

tica

tion

Vulnerability Assessment

Penetration Testing

Red Team

Unsophisticated Threats• Misconfigurations• Default creds

Largest Threat Landscape• Hactivists• Script Kiddies• Identity Theft

High Capability Threats (Nation States, Organized Crime, APT)

Page 11: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Should I have an internal Red Team?Need vs. want

Org sizeRegulatory

requirementsSecurity fundingIndustry

Do I want to know what I don’t?

Org socializationMission

statementService catalogPartnerships

with HR, legal, etc.

Learning opportunities

First question to ask…

Page 12: Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

IamA Red Teamer AMA!


What do you think this sign means? Hint:

What do you think this sign means? Hint:

Documents
Re-Think What Security Means - Home | National …...Re-Think What Security Means Federal Facilities Council Workshop 18 November 2015 Jorge Lozano CEO/President Condortech Services,

Re-Think What Security Means - Home | National …...Re-Think What Security Means Federal Facilities Council Workshop 18 November 2015 Jorge Lozano CEO/President Condortech Services,

Documents
Starter: What do you think anti-bullying means? Starter: What do you think anti-bullying means?

Starter: What do you think anti-bullying means? Starter: What do you think anti-bullying means?

Documents
Inigo Jones: The Weather Prophet

Inigo Jones: The Weather Prophet

Documents
L’HEURE ESPAGNOLE - gaertnerplatztheater.de L’HEURE... · the shop. Both Gonzalvo and Inigo willingly let themselves be hidden Both Gonzalvo and Inigo willingly let themselves

L’HEURE ESPAGNOLE - gaertnerplatztheater.de L’HEURE... · the shop. Both Gonzalvo and Inigo willingly let themselves be hidden Both Gonzalvo and Inigo willingly let themselves

Documents
6 Improving Grammar Mechanics “You keep using that word. I do not think it means what you think it means.” ― Inigo Montoya, from The Princess Bride by

6 Improving Grammar Mechanics “You keep using that word. I do not think it means what you think it means.” ― Inigo Montoya, from The Princess Bride by

Documents
What do other people think dignity means ….?

What do other people think dignity means ….?

Documents
What do you think the term Electric Charge means?

What do you think the term Electric Charge means?

Documents
MVP, You keep using that word. I don't think it means what you think it does

MVP, You keep using that word. I don't think it means what you think it does

Business
Measurement. Biology ‘BIO-’ means life Ex: biography -’OLOGY’ means the study of Ex: radiology What do you think BIOLOGY means?

Measurement. Biology ‘BIO-’ means life Ex: biography -’OLOGY’ means the study of Ex: radiology What do you think BIOLOGY means?

Documents
Inigo Jones

Inigo Jones

Documents
Resume Inigo Eguren (Videographer & editor)

Resume Inigo Eguren (Videographer & editor)

Documents
Dr. Inigo San Millan Presentation

Dr. Inigo San Millan Presentation

Health & Medicine
What Do You Think Plagiarism Means? Plagiarism Defined

What Do You Think Plagiarism Means? Plagiarism Defined

Documents
Walking With Inigo

Walking With Inigo

Documents
Rule 110 - Inigo

Rule 110 - Inigo

Documents
Think y y means. CTIVITY ravels Science group/partner

Think y y means. CTIVITY ravels Science group/partner

Documents
CambridgeUniversity Press Excerpt Moreinformation...978-0-521-25546-2 - The Theatres of Inigo Jones and John Webb John Orrell Excerpt Moreinformation 2 The theatres of Inigo Jones

CambridgeUniversity Press Excerpt Moreinformation...978-0-521-25546-2 - The Theatres of Inigo Jones and John Webb John Orrell Excerpt Moreinformation 2 The theatres of Inigo Jones

Documents
Bindaas Just think… What being, part of a group means…

Bindaas Just think… What being, part of a group means…

Documents
 · Web viewWord: Sentence and page number from book: I think it means: Definition: ***** Word: Sentence and page number from book: I think it means: Definition:

 · Web viewWord: Sentence and page number from book: I think it means: Definition: ***** Word: Sentence and page number from book: I think it means: Definition:

Documents
I Think It Means To Society

I Think It Means To Society

Lifestyle
How technology has changed what it means to think

How technology has changed what it means to think

Documents
The Periodic Table. What Does Periodic Mean? Periodic means repeated in a pattern Periodic means repeated in a pattern Think about a calendar: Think about

The Periodic Table. What Does Periodic Mean? Periodic means repeated in a pattern Periodic means repeated in a pattern Think about a calendar: Think about

Documents
Techly | by Inigo del Castillo

Techly | by Inigo del Castillo

Documents
The$word$Renaissance$means$“rebirth”.$Think$ …cmartinresgmsd.weebly.com/.../renaissance_lesson_1.pdfThe$word$Renaissance$means$“rebirth”.$Think$ abouta7me$in$your$life$when$you$experienced$

The$word$Renaissance$means$“rebirth”.$Think$ …cmartinresgmsd.weebly.com/.../renaissance_lesson_1.pdfThe$word$Renaissance$means$“rebirth”.$Think$ abouta7me$in$your$life$when$you$experienced$

Documents
DOES SFO 2016 - Kaimar Karu - ITIL. You keep using that word. I don't think it means what you think it means

DOES SFO 2016 - Kaimar Karu - ITIL. You keep using that word. I don't think it means what you think it means

Technology
What do you think Urbanization means? If the world is becoming more urbanized, what do you think this means for rural areas?

What do you think Urbanization means? If the world is becoming more urbanized, what do you think this means for rural areas?

Documents
Rome by inigo and aimar e

Rome by inigo and aimar e

Documents
Record Unemployment Means a Hiring Manager’s Market, Right? Think Again

Record Unemployment Means a Hiring Manager’s Market, Right? Think Again

Business
Developing Countries vs Developed Countries. What Do You Think? What do you think it means to be a developing country? What do you think it means to be

Developing Countries vs Developed Countries. What Do You Think? What do you think it means to be a developing country? What do you think it means to be

Documents