Recommended
More Related Content
More from Sylvain Martinez
More from Sylvain Martinez (19)
Recently uploaded
Recently uploaded (20)
ARE YOU RED TEAM READY?
- 1. ARE YOU RED TEAM READY? Version: 1.2a Date: 26/09/2018 Author: Sylvain Martinez Reference: ESC12-MUSCL Classification: Public
- 2. 2 • Vulnerability Assessment concept; • Penetration testing concept; • Red team concept; • Traditional cycle; • Red team cycle; • Red team realistic simulation; • Answering different questions; • Hacking scenario; • Hacking milestones; • Find targets; • Get physical access; • Compromise target; • Exfiltrate secret; • Do not get caught!; • Assembling the team; • Execution; • To be careful of; • To do as a priority; CONTENTS PUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT • Future of red teams; • Can you name those devices? • Answers RED TEAM READY
- 3. VULNERABILITY ASSESSMENT CONCEPT NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 3RED TEAM READYPUBLIC LARGE SCALE AUTOMATED CHEAP REGULAR Icons from the Noun Project unless specified otherwise
- 4. PRENETRATION TESTING CONCEPT 4RED TEAM READYPUBLIC FOCUSED SKILLED AND MORE MANUAL COSTS MORE ON DEMAND/LESS REGULAR NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 5. RED TEAM CONCEPT 5RED TEAM READYPUBLIC SCENARIO BASED HIGHLY SKILLED EXPANSIVE ON DEMAND/WHEN NEEDED NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 6. TRADITIONAL CYCLE 6RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4. VALIDATION 5. ANALYSIS6. REPORTING 7. PRESENTATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 7. RED TEAM CYCLE 7RED TEAM READYPUBLIC 2. RECONNAISSANCE 1.PREPARATION 3. DISCOVERY 4d. EXFILTRATION 5. ANALYSIS6. REPORTING 7. PRESENTATION 4c. FOOTHOLD 4b. EXPLOITATION 4a. VALIDATION NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 8. RED TEAM REALISTIC SIMULATION 8RED TEAM READYPUBLIC PHYSICAL / LOGICAL / SOCIAL EMULATE HACKING TECHNICS ESTABLISH PERSISTANCE EXTRACT DATA DEMONSTRATE NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 9. ANSWERING DIFFERENT QUESTIONS! 9RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RED TEAM EXERCISE CAN MY CONTRACTS BE STOLEN? DO WE HAVE VULNERABILITIES?VULNERABILITY ASSESSMENT CAN MY WEBSITE BE HACKED?PENETRATION TESTING
- 10. HACKING SCENARIO 10RED TEAM READYPUBLIC OBJECTIVES • FINANCIAL CONTRACT GOT STOLEN 2 MONTHS AGO; • NOW STORED IN SECURED SERVER IN SECURED ROOM; • CAN THE CONTRACT BE STOLEN AGAIN? NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT INFORMATION GIVEN • NAME OF THE CONTRACT; • 3x INDIVIDUALS’ NAME RELEVANT TO THE CONTRACT; • THE COUNTRY WHERE THE CONTRACT IS LOCATED.
- 11. HACKING MILESTONES 11RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT 1. FIND TARGETS 2. GET PHYSICAL ACCESS 3. COMPROMISE ASSET 4. EXFILTRATE SECRET 5. DO NOT GET CAUGHT!
- 12. FIND TARGETS 12RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 13. GET PHYSICAL ACCESS 13RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 14. COMPROMISE TARGET 14RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 15. EXFILTRATE SECRET 15RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 16. DO NOT GET CAUGHT! 16RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 17. ASSEMBLING THE TEAM 17RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 18. EXECUTION 18RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT PROFESSIONALISM MANDATE
- 19. TO BE CAREFUL OF 19RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT RENAMING PEN TEST TO RED TEAM KEEPING STAFF HAPPY TRAINING STAY SAFE AND DON’T BECOME A TROJAN HORSE HOW REALISTIC CAN YOU BE SCENARIOS TOO WIDE/AMBITIOUS
- 20. TO DO AS A PRIORITY 20RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT CLEAR MILESTONES STAKEHOLDERS ENGAGEMENT BE REALISTIC PROVIDE COMPREHENSIVE THREAT VIEW GET A TEAM WITH DIFFERENT SKILLS
- 21. FUTURE OF RED TEAMS 21RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT MORE DEMANDS PURPLE TEAM OFFENSIVE LEGITIMISATION
- 22. CAN YOU NAME THOSE DEVICES? 22RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 23. ANSWERS 23RED TEAM READYPUBLIC NEXTCHALLENGESCASE STUDYFRAMEWORKCONTEXT
- 24. © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.