Free

OWASP Austin Chapter Monthly Meeting - September 2017

Event Information

Share this event

Date and Time

Location

Location

National Instruments

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Event description

Description

How to create Purple Team Exercises, using the Cyber Kill Chain and Extended CKC as a framework

Purple Teaming is conducting focused Red Teams with clear training objectives for the Blue Team for the ultimate goal of improving the organization’s overall security posture. You don’t necessarily need a ‘red team’, anyone can do it. This talk will show how to build and plan cyber exercises, using the Cyber Kill chain and Extended Cyber Kill Chain as a framework.

Outline:

  • Intro - whoami, course outline

  • What is Purple Teaming

    • Terminology for VA, pentester, red teamer, purple teamer

    • Purple Team process

  • History of Red Teaming

  • Cyber Exercises

    • Event / injects

    • Teams (ECG, grey, Red, Blue)

    • Phases - Plan Execute, Lessons Learned

    • Explanation on Execution

  • Lockheed Martin Cyber Kill Chain + Extended Cyber Kill Chain

  • Examples of Purple Teaming

    • Points example: Mimikatz

      • Used mimikatz to test credential storing on Windows hosts. Confirming different between RDP, secure RDP and Remote PowerShell

    • Malicious Attachment Testing - Chris Gates Malicious File Maker

    • Tabletop Exercise

Speaker: Haydn Johnson

Food: Taco Deli. Arriving at 11:30 AM gives you time to get some food and find a seat. We try to start the meeting around 11:50 AM.

Share with friends

Date and Time

Location

National Instruments

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Save This Event

Event Saved