Is Your Security Team Going Red? presented at BSidesHarrisburg 2019

by Stephen Schneiter,


Summary : Just because you secure your network, it does not mean the network is secure. It is increasing more important that security teams test the security of the network. Join us as we look at the true power of the Red side! In this session we will discuss the various issues today’s security teams face protecting data. We will discuss how cyber threats are changing and the different tactics that are used to access a network. Security teams have an abundance of frameworks to use in order to implement sound security practices and help counter the hacker lifecycle. The problem is that while checking off our security check boxes it is possible to overlook a viable security threat. Providing examples of security and breach practices we will show the importance of implement Red team tactics in pen testing the security on our network once the security practices are in place. We will highlight several tools security practitioners may choose to implement for Red and Blue team strategies and show how some may interchangeable. We will discuss how the security team is able to analyze the data from the pen test report and adjust the security implementation. It is possible to meet all of our security check boxes and actually have a secure network.