Adversarial Testing through Unconventional Offensive Breach Techniques, presented at BSidesIOWA 2015

by Dan Kottmann,

Summary : Traditional vulnerability scanners and pentests, although useful and valuable in an overall security program, generally lack the context and comprehensiveness to fully evaluate risk of identified vulnerabilities. Breach assessments (i.e. blended assessments commonly referred to as Red Team testing in the military) identify risk from a multi-faceted, opportunistic manner that closely simulates the style and approach of an actual attacker. This style exposes valuable information within a context, demonstrating typically unidentified weaknesses, chained attack opportunities, and actual severity.
Using anecdotes based on the presenters' experience, the presentation will highlight the following:
- Critical vulnerabilities not commonly identified
- Effective and ineffective defensive measures commonly encountered
An emphasis will be placed on understanding potential attackers while not underestimating their creativity. The intended message will be twofold. First, organizations can take specific actionable measures to greatly increase their security posture (these measures will be common themes of the anecdotes discussed and will be highlighted as killchain disruptions). Lastly, organizations should be doing more than relying on traditional vulnerability scanners and penetration tests to better capture context, opportunity, and attacker creativity.