Workshop: Automating Attacks – Alex Martirosyan
October 20 @ 12:30 pm
Presented by: Alex Martirosyan
Despite the latest advancements in attack and breach simulation tools, many organizations are still playing catch-up and do not know where to begin. Endpoint detection and response (EDR) tools have become heavily relied upon, often with default configurations. As an industry, we have pushed a lot of the responsibility onto managed service providers without fully understanding what we are signing up for. This workshop will help beginners understand what the latest buzzwords, such as Atomic Testing, Micro Emulation Plans, and Purple Teaming, actually mean. With a common understanding, we will then use a lab environment to execute an emulation plan and learn from the offensive and defensive outcomes. Mixing red and blue is a good start, but it requires careful planning and clear goals to be successful. We will start simple and build more complex plans so that you can immediately take away how to incorporate similar processes internally.
Our assumptions about defensive controls are rarely validated through active testing or standard day-to-day activity, due to the complexities of a behavior or technique. Penetration tests are point-in-time and typically run on a standard calendar cycle. Defenders increasingly need to understand offensive actions and capabilities to ensure controls are working as intended. These types of assessments demonstrate a tool's value to the business or make the case for a specific investment.
Alex is a Senior Penetration Tester at Wolf’s IT Assurance Services group, where he’s responsible for coordinating and conducting penetration testing services for clients in a variety of industries, including financial, healthcare, and software. His expertise consists of internal and external network penetration testing, threat emulation exercises, social engineering, vulnerability assessments, cloud security assessments, and Active Directory security reviews. Additionally, he has experience working with standards from the National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS), and leveraging the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. Alex has over four years of experience performing security assessments and holds certifications from industry-recognized organizations such as Offensive Security and Global Information Assurance Certification (GIAC).