You’ve heard of black, white, and gray box testing? Adding to the security color spectrum, Red Teams (pen testers) working together with Blue Teams (defenders), can improve organizational security and get the most out of security assessments. This talk will discuss both general and specific concepts and techniques to improve penetration tests with coordination of internal security teams. We will discuss high level topics such as knowing what type of assessment is needed for your organization, to more detailed technical concepts such as detecting attack traffic and coordinating with red team attacks. If your internal security team isn't ready for a pentest, lets discuss steps to get your team prepared and ready to fully take advantage of full scope penetration tests. From a pentester perspective, we will discuss the types of testing that is most beneficial to your clients and how to communicate and perform testing activities in conjunction with blue teams. We will also talk about ways to assist the teams with remediation from a 3rd party point of view.
What are the three key points an audience will receive:
· Pen testing techniques on working with internal security
· Internal security techniques for detecting attacks
· Concepts on performing the best type of pen test for your customers