Baselining Behavior Tradecraft Through Simulations
Join us at Way West Wild West Hackin’ Fest in Deadwood in September 2020: https://www.wildwesthackinfest.com/
With the adoption of endpoint detection and response tools as well as a higher focus on behavior detection within organizations, when simulating an adversary it’s important to understand the systems you are targeting. This talk will focus on the next evolution of red teaming and how defeating defenders will take more work and effort. This is a good thing! It’s also proof that working together (red and blue) collectively, we can make our security programs more robust in defending against attacks. This talk will dive into actual simulations where defenders have caught us as well as ways that we have circumvented even some of the best detection programs out there today. Let’s dive into baselining behavior and refining our tradecraft to evade detection and how we can use that to make blue better.
David Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from both an offense and defense perspective. David also serves on the board of directors for the ISC2 organization. David was previously CSO for a Diebold Incorporated where he ran the entire INFOSEC program. He is a co-author of the book “Metasploit: The Penetration Testers Guide”, the creator of the Social-Engineer Toolkit (SET), Artillery, and several popular open source tools. David has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. He is also the co-host of the social-engineer podcast and on several additional podcasts. David has testified in front of Congress on two occasions on the security around government websites. He is one of the founding authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. David is the co-founder of DerbyCon, a large-scale conference in Louisville, Kentucky. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.