OPFOR Works Both Ways: How Offense and Defense Must Train Each Other presented at ShmooCon 2012

by Tim Maletic, Chris Pogue,

Summary : "Ask your incident response team how often they see stand-alone meterpreter binaries. Now ask your tiger team how often they complete a project without using an exploit framework. See the disconnect? Remember when penetration tests were supposed to model what the black hats were actually doing? We're going to combat this trend head-on, put the forensic lens on a typical internal pentest, re-engineer penetration testing for stealth mode, and show where CVSS misses the mark as a measure of what to fix."