Meetup Red Teaming
How to (not) do Red Teaming – an orientation
On the 20th of July this meetup answered the question: How do you improve IT security of your company with a limited budget?
The most obvious way to test your security measures is to employ somebody who tries to do the same things an attacker would do. In this talk, I will explain why this is not the best strategy and what I think is the best way to improve your security while keeping spending low.
There are different security testing methods, not all of them make sense for the same types of problems. I will explain what common test methods there are, and which make sense for which use case.
The primary focus will be on the often-misunderstood Red Teaming. Red Teaming is an approach where real attackers are simulated, and the defenders are challenged by this real-life scenario. I will explain how it works, why most people are doing it wrong and when it is a suitable time to employ it. Spoiler alert: it is not an effective way to find vulnerabilities.
Security is always about making the attacker’s life harder. We want to spend as little as possible but impede malicious actions as much as possible. Let’s spend our resources in the most efficient way possible to not play in the hands of the bad folks!
This was our first talk in a meetup series talking about real-life attacks and securing the network against them. The next one will talk about common phishing scenarios.
Speaker & Details:
Martin Grottenthaler (senior information security consultant at SBA)