Presentation Material
Abstract
This talk is about building a practical internal red team, which is not an easy task. For organizations, it is essential to have an internal offensive team that continuously performs adversarial simulation to strengthen the security posture and enhance blue team capabilities. Many variables need to be taken care of before going forward with such an initiative. The most important thing is assessing the progress and maturity of the red team building process. The talk explains the various steps to create an internal offensive team/red team from scratch and to increase its capabilities gradually across different phases. It introduces a proven way of building internal offensive teams: the Internal Red Team Operations Framework (IRTOF).
AI Generated Summary
The talk focuses on building an internal red team operations framework for organizations. The speaker highlights the differences between vulnerability assessment, penetration testing, and red teaming, emphasizing that red teaming is a more comprehensive and goal-oriented approach to testing an organization’s defenses.
Key findings and techniques presented include the importance of defining clear objectives and rules of engagement, understanding the organization’s security posture, and hiring skilled talent. The speaker introduces the Internal Red Team Operations Framework (IRTOF), which consists of five phases: crawling, walking, running, flying, and soaring. Each phase builds on the previous one, with activities such as building the team, setting up infrastructure, and conducting adversarial simulation and phishing campaigns.
The practical implications of the talk include the need for organizations to move beyond traditional vulnerability assessment and penetration testing to more mature and comprehensive red teaming operations. The speaker emphasizes the importance of collaboration between red and blue teams, continuous training and improvement, and proactive remediation of identified vulnerabilities. By following the IRTOF framework, organizations can improve their security posture, enhance their defenses, and reduce the risk of breaches.