In large enterprise software companies, Red and Blue Teams collaborate through Purple Teaming to proactively detect, respond to, and mitigate advanced threats. In this episode of CyberWire-X, N2K's Dave Bittner is joined by Adobe's Justin Tiplitsky, Director of Red Team and Ivan Koshkin, Senior Detection Engineer to discuss how their teams work together daily to strengthen Adobe's security ecosystem. They share real-world insights on how this essential collaboration enhances threat detection, refines security controls, and improves overall cyber resilience.
In this episode Michael and Sarah talk to Nestori Syynimaa about Entra ID security and his purple-team tool, AADInternals. We also cover the latest security news about Secure Future Initiative (SFI), MFA for Azure Portal, Playwright, WordPress, NSG, Bastion, Azure Functions, MS Ignite, App Service, Defender for Cloud, Containers, Azure Monitor, AKS, Trustworthy AI and Azure AI Content Safety. https://aka.ms/azsecpod
Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace about his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup named Dreadnode, which we'll discuss as well. Segment Resources: CyberSecEval 3: Advancing the Evaluation of Cybersecurity Risks and Capabilities in Large Language Models. The TTPForge (https://github.com/facebookincubator/TTPForge) is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs). ForgeArmory provides TTPs that can be used with the TTPForge. Wired, by Lily Hay Newman: Facebook's 'Red Team X' Hunts Bugs Beyond the Social Network's Walls. MOSE (Master Of SErvers) is a post exploitation tool for configuration management servers. BSides SF 2024 - Beyond Quick Cash: Rethinking Bug Bounties for Greater Impact. BSides LV 2023 - GF - Enemy Within: Leveraging Purple Teams for Advanced Threat Detection & Prevention - https://www.youtube.com/watch?v=-MT0tNi2vvc This week in the enterprise security news, we've got: Torq, Tamnoon, and Defect Dojo raise funding; Checkmarx acquires ZAP; Commvault acquires Clumio; Would you believe San Francisco is NOT the most funded metro area for cybersecurity?; Auto-doxxing smart glasses are now possible; Meta gets fined $100M for storing plaintext passwords; AI coding assistants might not be living up to expectations; Worst Practices; Dumpster fires and truth bombs. All that and more, on this episode of Enterprise Security Weekly! The way we use browsers has changed, so has the way we need to secure them. Using a secure enterprise browser to execute content away from the endpoint, inside a secure cloud browser is a dramatically more effective and cost-effective approach to protect users and secure access. This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menloisw to learn more about them! Sevco is a cloud-native vulnerability and exposure management platform built atop asset intelligence to enable rapid risk prioritization, mitigation, validation, and metrics. Segment Resources: Customer Testimonials: https://www.sevcosecurity.com/testimonials/ Product Videos: https://www.sevcosecurity.com/sevcoshorts/ This segment is sponsored by Sevco Security. Visit https://securityweekly.com/sevcoisw to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-378
Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace about his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup named Dreadnode, which we'll discuss as well. Segment Resources: CyberSecEval 3: Advancing the Evaluation of Cybersecurity Risks and Capabilities in Large Language Models. The TTPForge (https://github.com/facebookincubator/TTPForge) is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs). ForgeArmory provides TTPs that can be used with the TTPForge. Wired, by Lily Hay Newman: Facebook's 'Red Team X' Hunts Bugs Beyond the Social Network's Walls. MOSE (Master Of SErvers) is a post exploitation tool for configuration management servers. BSides SF 2024 - Beyond Quick Cash: Rethinking Bug Bounties for Greater Impact. BSides LV 2023 - GF - Enemy Within: Leveraging Purple Teams for Advanced Threat Detection & Prevention - https://www.youtube.com/watch?v=-MT0tNi2vvc Show Notes: https://securityweekly.com/esw-378
This month, we welcome Eric Gagnon, Team Lead of Adversary Simulation, Purple Teaming, and Tradecraft Development at Desjardins. The conversation covers a wide range of topics related to cybersecurity, including purple teaming, red teaming, blue teaming, and Eric's journey in cybersecurity. Eric shares insights on certifications, threat hunting, cloud security, and the importance of knowledge exchange between red and blue teams. He also discusses the use of AI in cybersecurity and the need to stay sharp in the field. Takeaways: Purple teaming involves collaborative operations to exchange ideas, evaluate security controls, and test out tactics, techniques, and procedures (TTPs) real threat actors use. Certifications in cybersecurity, such as Offensive Security Certified Professional (OSCP) and Offensive Security Certified Expert (OSCE), provide valuable knowledge and an edge in the field. Threat hunting involves looking for a granular activity that may indicate a compromise, filtering out the noise, and focusing on the suspicious behavior of threat actors. Cloud security requires automation, cyber hygiene, and visibility, focusing on prioritizing techniques and testing them against the enterprise's environment. Knowledge exchange between red and blue teams during a purple team engagement is essential and should include a common language, centralized documentation, and reporting against the MITRE ATT&CK framework. Staying sharp in cybersecurity involves continuous learning, participation in CTFs, engaging with passionate individuals, and challenging oneself through talks, podcasts, and specialized training. Chapters: 00:00 Introduction to Purple Teaming and Cybersecurity Journey; 08:09 Certifications and Insights in Cybersecurity; 15:08 Threat Hunting and Granular Activity Detection; 35:02 Knowledge Exchange in Purple Teaming: Red and Blue Collaboration; 39:57 Staying Sharp in Cybersecurity: Continuous Learning and Engagement
Jared would like to discuss the evolution of purple teaming. Put bluntly, he believes traditional purple team approaches don't test enough variations of attack techniques, delivering a false sense of detection coverage. He would like to talk about: The shortcomings of red team assessments and why most purple team assessments are too limited. How the testing landscape and requirements have changed (especially as organizations now look to validate vendor tools defense claims). How purple team assessments are evolving with the use of new frameworks like Atomic Testing. And the importance of building and selecting good test cases that cover the many ways attack techniques can be modified. The Exploit Prediction Scoring System is Awesome, or so some say, Reflections on InfoSec, Why some people don't trust science, SSH-Snake, Back in the Driver's seat, I Hacked My Internet Service Provider, States & Congress wrestle with cybersecurity, Combining AI with human brain cells, analyzing linux-firmware, detecting BLE SPAM, and The I in LLM. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-812
Jared would like to discuss the evolution of purple teaming. Put bluntly, he believes traditional purple team approaches don't test enough variations of attack techniques, delivering a false sense of detection coverage. He would like to talk about: The shortcomings of red team assessments and why most purple team assessments are too limited. How the testing landscape and requirements have changed (especially as organizations now look to validate vendor tools defense claims). How purple team assessments are evolving with the use of new frameworks like Atomic Testing. And the importance of building and selecting good test cases that cover the many ways attack techniques can be modified. Show Notes: https://securityweekly.com/psw-812
In Season 5, Episode 19 of the BSM podcast, host Steven Bowcut welcomes Jared Atkinson, the Chief Strategist at SpecterOps and the host of the "Detection Challenging Paradigms Podcast." The episode focuses on the dynamic and increasingly important topic of purple teaming within cybersecurity. Key Points Discussed - Evolution of Purple Teaming: Jared delves into the progression of purple teaming practices and their significance in the current threat landscape. He emphasizes how both defensive (blue team) and offensive (red team) strategies have melded to form a more comprehensive security approach. - Testing Landscape and Vendor Claims: The conversation touches on how the testing landscape has evolved, particularly considering vendor claims about the capabilities of their security solutions. Jared scrutinizes these claims and suggests a more measured approach to evaluating their efficacy. - Shortcomings in Purple Team Assessments: Jared enumerates the reasons why many purple team assessments don't reach their full potential. These shortcomings often stem from a lack of realistic testing scenarios or comprehensive coverage of possible attack vectors. - Role of New Frameworks: The introduction of new frameworks like Atomic Testing is highlighted as a game-changer in the field. Jared talks about how these frameworks can improve the precision and effectiveness of security assessments. - Building and Selecting Test Cases: The importance of building and selecting diverse and relevant test cases is discussed. Jared underlines the necessity for organizations to cover a wide range of attack techniques in their testing protocols. - Evolution of Attack Techniques: Examples of how attack techniques have evolved over time are provided, offering listeners insights into the adaptive nature of cyber threats. 
- Analyzing Malware Samples: Jared points to SpecterOps's 10-part blog series that offers a deep dive into the technical aspects of malware sample analysis, an essential skill for modern threat hunters. - Future of Purple Teaming: Finally, Jared presents his perspective on the direction purple teaming should take in the future. He stresses the need for continual adaptation and the adoption of forward-thinking strategies to stay ahead of threat actors. Conclusion The episode is informative for cybersecurity professionals looking to understand the current state and the progression of purple teaming. Jared Atkinson's expertise provides listeners with a detailed examination of the challenges and considerations essential to advancing the effectiveness of cybersecurity defenses through collaborative and realistic testing. The discussion not only sheds light on current practices but also charts a course for the future of purple teaming, making it a must-listen for those engaged in or interested in the strategic aspects of cybersecurity.
Today James is speaking with Eliza-May Austin, CEO & Co-Founder of th4ts3cur1ty.company. Drawing on her experience with a TeamViewer supply chain attack early in her career, Eliza explains how she built her company's SIEM solution to help businesses of all sizes defend against threats coming through trusted third parties. She also discusses the benefits of purple teaming and shares some amusing moments from working night shifts in cybersecurity, including testing if she can still do roly-polies and giving herself a concussion!
A few months back, ThreatTalk guest Amit Singh helped us consider some of the reasons a recent SANS 2022 SOC Survey showed so many organizations turning to ‘outsourcing' to bolster their SOC capabilities. His Australian/New Zealand cybersecurity company, 3columns, has loaned him to us again to help us drill down into the pros and cons of outsourced Pen Testing, Red Teaming, and Purple Teaming which the SANS report showed to be the top 3 most outsourced SOC functions. Unless your security team is well-funded to do everything internally, this episode is a “must-listen”. Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, PocketCasts or your favorite podcast app.
This final chapter of the book is no simple closer! "Turn Up the Volume by Expanding SOC Functionality" covers testing that your SOC is functioning as intended through activities such as Threat Hunting, Red and Purple Teaming, Adversary Emulation, Breach and Attack Simulation, tabletop exercises and more. There's even a discussion of cyber deception types and tactics, and how it can be used to further frustrate attackers. Join John, Kathryn, Ingrid, and Carson in this final chapter episode for some not to be missed tips! This special season of the Blueprint Podcast is taking a deep dive into MITRE's 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book's authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman. Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career. Check out the details at sansurl.com/450 Hope to see you in class!
This is Part 1 of an incredible series of interviews Allan conducted live at RSA 2023. Guests include: Chris Kennedy, CISO @ Citadel; Gary Hayslip, CISO @ Softbank Investment Advisers; Michael Calderin, CISO @ YAGEO Group; Reet Kaur, CISO @ Portland Community College; Rob LaMagna-Reiter, CISO @ Hudl; Matthew Lang, vCISO; David Cross, CISO @ Oracle SaaS Cloud; Audra Streetman, Security Strategist @ Splunk; Vishal Amin, General Manager of Security Solutions (Federal) @ Microsoft; Adrian Peters, CISO @ Vista Equity Partners; Kelly Shortridge, Author of “Security Chaos Engineering: Sustaining Resilience in Software and Systems”; Robin Sundaram, CISO @ RELX; Merritt Baer, Office of the CISO @ AWS; Tim Rohrbaugh, former CISO & Industry Leader; Rob Wood, CISO @ Centers for Medicare & Medicaid Services; Bryan Green, CISO Americas @ ZScaler; Stephanie Derdouri, Sr. Manager, Information Security and Technology Risk Management @ Capital Group; Andres Andreu, CISO @ 2U; Paul Love, CISO & Chief Privacy Officer @ Co-op Solutions; Royce Markose, former CISO; Bob Schuetter, CISO @ Ashland. I ask my guests several questions: What is the best part of RSAC 2023 for you? What is the single most critical skill a security leader needs? What's missing in cybersecurity? What is your take on Purple Teaming and MITRE ATT&CK? How do you co-lead the organization? There is also a VERY special interview with James Stanley, Chief of Product Development at CISA at the end. Don't miss it! Sponsored by Semperis & AttackIQ. Semperis provides the industry's most comprehensive Active Directory and Azure AD cyber resilience platform, supported by specialized AD incident response expertise. https://semperis.com AttackIQ offers a new fully managed breach and attack simulation service. They are the premier provider of MITRE ATT&CK-based security control validation. https://attackiq.com
In a recent survey on purple teaming, 89 percent of respondents who had used the method deemed purple teaming activities “very important” to their security operations. Purple teaming exercises conducted regularly have the power to improve collaboration across teams, ensure issues are identified and remediated more proactively, and provide a means to measure progress over time. With all these benefits, why isn't everyone doing it? Purple teaming doesn't have to be such a heavy lift. With the right mindset and tools, any team can get started regardless of resources. This talk will highlight practical tips for getting started with purple teaming exercises and show off PlexTrac Runbooks, a platform designed to plan, execute, report, and remediate collaborative purple teaming engagements so teams can maximize their efforts and improve their security posture. Segment Resources: Learn more and book a demo: https://plextrac.com/securityweekly More information on Runbooks: https://plextrac.com/platform/runbooks/ This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw771
Are you looking to learn more about purple teaming and how you can get into it? Listen in on our discussion hosted by Harry Taheem. Our guest speaker is Maril Vernon, who specializes in building and managing purple team programs.
Chris - Let's start off with discussing what is Purple Teaming exactly, and what is it not? Nikki - The industry can be somewhat siloed between job roles, and purple teaming really breaks down those barriers - do you see purple teaming being adopted more in the industry? Or do you think that too many industry experts hold too closely to their areas of expertise? Chris - People often conflate Red Teaming, Pen Testing and Purple Teaming - how do we help clear up that confusion? Nikki - Purple teaming is supposed to be an iterative continuous process between red teams and blue teams. Do you feel like this continuous flow of information should be consistent between the teams? Do you feel like there is more value in one direction versus another? Nikki - The purple team concept is centered around blue teams and red teams, but this type of iterative and cooperative concept could be applied outside of red teamers and network defenders. Do you see value between using this type of cooperation between security assessment and audit teams and network defense teams? Chris - You've been someone I have watched who has been really effective at personal branding through platforms like LI. Can you discuss how you approach that and why it is valuable? Chris - For those looking to get into Purple Teaming or more broadly OffSec or even Blue Team, what are some of your primary recommendations resource wise for learning?
How can purple teaming benefit your organization? When red teamers like Matt Mullins collaborate with blue teamers like Owen Dubiel, you know you'll get a thorough and cost-effective assessment of your security environment. Listen to Matt and Owen share their strategies for successful purple teaming design and implementation. Plus, hear about their new Cybrary course campaign where you'll learn real-world adversary techniques before enhancing detections. Check Owen and Matt's Threat Actor Campaign series, where you'll learn the tactics and techniques used by real-world adversaries!
In today's episode, I talk with Dan DeCloss. He is the Founder and CEO of PlexTrac - PlexTrac is a revolutionary, yet simple, Cybersecurity platform that centralizes all security assessments, penetration test reports, bug bounty submissions, audit findings and vulnerabilities into a single location. He is going to share with us how he got started in cybersecurity, and his journey as the founder of PlexTrac. He's going to tell us what Purple Teaming is and what his advice is for founders going after their dream. Here's a closer look at the episode: Dan's dream of entrepreneurship; Naval Postgraduate School; Department of Defense cybersecurity; How report automating sparked the idea for PlexTrac; The Red Team vs. the Blue Team in cybersecurity; The importance of validation; Deciding to commit full-time; Why timing was right; Unanticipated challenges as PlexTrac has grown; The COVID impact and lessons learned; How things changed after fundraising; The relationship with Insight Partners; Importance of leadership development; What's coming up for PlexTrac; Dan's advice for other founders. Resources: Website: https://plextrac.com/ Dan's Linkedin: https://www.linkedin.com/in/ddecloss/ Dan's Twitter: https://twitter.com/wh33lhouse PlexTrac Twitter: https://twitter.com/PlexTrac PlexTrac LinkedIn: https://www.linkedin.com/company/plextrac/ PlexTrac Facebook: https://www.facebook.com/plextrac
Neil Clausen, regional CISO for Mimecast in Boston, joins the podcast this week to take us through SIEM detection strategies, the best use of threat intel, running tabletop exercises, and Purple Teaming. Neil is a seasoned security practitioner, who along with his leadership role at Mimecast lectures at Northeastern University College on Database Management, Security, and other IT-related courses. He's also been on advisory boards for McAfee and Cisco and has built and managed SOC functions.
All things AppSec and Purple Teaming with Tanya Janca, founder of the We Hack Purple community platform.
Given your wide range of experience with AWS and cloud security - what would you say are some of the most common types of attacks for cloud platforms? What would you say are the top three skills someone should work on if they're interested in a career on a Red Team or as a penetration tester? Are there some really good resources or open-source tools you recommend for anyone learning about offensive security? Shifting to Purple Teaming, how does Purple Team differ from traditional PenTest/Red Team activities? For organizations looking to build out a purple team, where do you recommend they begin? What does the term Cyber Resilience mean to you?
Purple teaming has allowed an evolution from combative, point-in-time red team exercises and blue team responsive tuning to a collaborative, iterative process of cybersecurity defense hardening that can be tailored for an environment based on threat modeling. But how do you operationalize purple teaming effectively, what are the pitfalls, and how can you truly execute on the value of this capability? Join Arien Seghetti, Senior Solutions Architect at Cymulate, and Gerald Auger of SimplyCyber to dig in and really explore this new capability to understand how you can shift from blue or red to purple. #cybersecurity #informationsecurity #purpleteaming
Special minisode! Michelle Farenci knows her stuff, because she's a cybersecurity practitioner inside a cybersecurity company. Learn why thinking like an attacker makes you a better defender. Full transcript: https://nakedsecurity.sophos.com/listen-up-4-cybersecurity-first-purple-teaming
Today Dan DeCloss, CEO of PlexTrac, joins the panel to share results from a CyberRisk Alliance survey of 315 security practitioners in the U.S. and Canada. This research, sponsored by PlexTrac, shows a correlation between purple teaming and program maturity, which emphasizes the importance of adversary emulation in today's security landscape. Tune in to get the scoop on the survey results and MUCH more! This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw713
This week, we kick off the show with an interview featuring Dan DeCloss, the Founder of PlexTrac, for a segment all about Survey Says: Improve Your Security Posture by Purple Teaming! Then, a segment aimed at getting YOU Up and Running With The Security Onion!! In the Security News: Brushing that data breach under the rug? Get sued by the US Government!, all your text messages belong to someone else, beware of the Python in your ESXi, Twitch leaks, when LANtennas attack, zero-trust fixes everything, recalled insulin pumps, Apache -day, your iPhone is always turned on, and Apple pay hacked! Show Notes: https://securityweekly.com/psw713 Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Snehal Antani joins us from Horizon3.ai to talk about pentesting, red teaming and why not every vulnerability necessarily needs to be patched. He also shares some great advice for people entering the field. – Download our ebook, Developing cybersecurity talent and teams: https://www.infosecinstitute.com/ebook – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast 0:00 - Intro; 2:12 - Origin story; 4:12 - Using your hacking powers for good; 7:14 - Working up the IBM ranks; 12:18 - Cloud problems; 14:25 - Post-IBM days; 16:50 - Work with the DOD; 20:33 - Why did you begin Horizon3.ai?; 24:38 - Vulnerabilities: not always exploitable; 29:46 - Strategies to deal with vulnerabilities; 33:36 - Sensible use of a security team; 35:29 - Advice for red and blue team collaboration; 39:14 - Pentesting and red teaming career tips; 41:12 - Demystifying red and blue team; 45:40 - How do you become intensely into your work; 47:24 - First steps to get on your career path; 49:49 - How to learn more about Horizon3.ai; 50:42 - Outro. About Infosec: Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
The red team instigates the trouble when it comes to penetration testing. Red teaming is quite aggressive - a nuclear version of a pen test if you will. The red team goes the whole hog, and all vulnerabilities are exposed. Blue teaming is more defensive, and it is all about evaluating the detection/prevention tools you have put in place to protect yourself against an attack. Purple teaming is a joint red and blue test. Brad Thomas probes Dr. David Day to give us the scoop on red, blue, and purple teaming in this podcast. Listen in.
PowerShell may seem intimidating, but it can be one of the most amazing and useful tools at your disposal...if you know how to use it. In this episode, we have Josh Johnson, author of the new SANS course "SEC586: Blue Team Operations - Defensive Powershell" giving you a masterful crash course in: - The importance of PowerShell - How PowerShell works, and how to set yourself up to use it - Blue team use cases for log analysis, incident response and more - How to stop attackers from leveraging PowerShell - Some of the amazing automation and playbook opportunities you may be missing out on. Lots of actionable content for defenders here, don't miss this episode! Our Guest: Josh Johnson. Josh Johnson is a SANS Certified Instructor and course author of SEC586: Blue Team Operations: Defensive PowerShell. He has been working in the Information Security industry for over 10 years in varying roles with responsibilities ranging from penetration testing to incident response. Josh was Purple Teaming since before it had a name and used his offensive security skill set to find and pursue his true passion - Blue Team.
Since then, he has been helping organizations of all sizes, and in varying industries from healthcare to retail to finance, improve their cyber defense capabilities. More About Josh: Follow Josh: Twitter | LinkedIn. Sponsor's Note: Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career. Check out the details at sansurl.com/450! Hope to see you in class! Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube. Follow John Hubbard: Twitter | LinkedIn
Welcome to The Cyber Ranch Podcast, recorded under the big blue skies of Texas, where one CISO explores the cybersecurity landscape with the help of friends and experts! Today, host and CISO Allan Alford interviews Gabe Lawrence, General Manager of Cyber Security Protection at Toyota Motor North America. Gabe has seen the good and bad of purple teaming, and we're here today to discuss what a mature purple teaming organization looks like. To start the conversation, Allan asks Gabe to share a little about himself, his background in information security and what he does at his day job. His path to security hasn't been linear - he has been a developer, an entrepreneur and a startup owner, slowly making his way to different levels of management in the security space. Gabe runs Enterprise Security at Toyota North America and is responsible for the technical side of the business and manufacturing environment. When discussing what successful purple teaming looks like, Gabe points to the heightened alert of fidelity being among its greatest benefits. Rather than a red versus blue mindset, purple teaming encourages community and collaboration. Then, Allan asks Gabe to share a specific time he found unexpected success in purple teaming. Gabe gives an example reiterating the advantage of having a red and blue team working collaboratively. In managing an enterprise, Gabe says there is always something changing. Validating your controls, alerts and responses are just a few of many tasks best tackled in smaller chunks. Embedding the automation from purple teaming as the ongoing environment keeps things in a high functioning state and serves as a persistent health check. Gabe explains how a buffer overflow isn't exactly instantaneous and combatting lingering attacks. Though purple teaming has many great benefits, it requires a bit of maturity. Having different teams interact together as they mature ensures they understand each other's roles and can effectively work together.
Gabe urges people in the industry to think of themselves not only as part of a specific team, but as a part of a broader collective. In the hiring process, he describes seeking candidates with experience in software development and scripting. Additionally, it's crucial to be willing and excited to learn and have keen problem solving abilities. In closing, Gabe looks forward to working in server-less spaces like the Cloud in the future and says his favorite thing about his career field is that it never fails to offer something new. Key Takeaways 0:21 - Host Allan Alford welcomes listeners to the show and introduces Gabe Lawrence. 1:12 - Allan asks Gabe to share about his background and day job. 2:40 - What is successful purple teaming? 4:30 - Gabe shares both positive and negative personal experiences in purple teaming. 9:42 - How do you automate purple teaming? 14:11 - Fine tuning the deployment of the controls. 19:20 - How Gabe designs and hires for his team. 26:20 - What keeps Gabe in Information Security? Links: Learn more about Gabe Lawrence on LinkedIn Follow Allan Alford on LinkedIn and Twitter Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at AttackIQ
The first episode of Security Weekly's podcast mini-series with PlexTrac "Getting the Real Work Done in Cybersecurity" starts with PlexTrac's bread and butter, Purple Teaming! The group - along with special guest Bryson Bort of SCYTHE - discuss the ins and outs of purple teaming. Topics covered on the show include the importance of collaboration within your security team, the idea of a milestone-based approach to security, purple teaming engagements, and much more. This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextracseries to learn more about them! Visit https://www.securityweekly.com/series to view the entire PlexTrac Mini Series! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687
This week, Dan DeCloss, Founder and CEO at PlexTrac, joins us to talk about getting the real work done: The case studies. In the Security News, If software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking airquotes beer, weekly Chrome zero day, Mirai lives, long live Mirai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is. We round out the show with a special segment from our podcast series with PlexTrac on Purple Teaming featuring none other than Bryson Bort! Show Notes: https://securityweekly.com/psw687 Visit https://securityweekly.com/plextracseries to learn more about them! Visit https://www.securityweekly.com/series to view the entire PlexTrac Mini Series! Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In this episode, we catch up with @mubix (Rob Fuller), a red teamer turned purple teamer. He started his career in the United States Marine Corps working with explosives and has gone on to have a highly successful career in the security industry working at companies like Rapid7, GE, Uber, Cruise Automation and now Black Hills Information Security, as well as contributing back in many ways to the security community and speaking at many conferences around the world. Mubix shares his journey, stories along the way, as well as going deeper into both red and purple teaming.
M Imad Khurram Joins Eliza-May Austin to discuss PurpleTeaming & how to show value to the board. Imad is the Sr DFIR Consultant at CISCO, he applies his extensive experience of Cyber Defence to the implementation of regular PurpleTeam engagements in the corporate environment.
Jon Moore talks to Eliza-May Austin about 'Trolling the Adversary!' Jon pulls from a 30 year career in information technology to discuss his unique take on Purple Teaming, and tells us why and how he loves to troll adversarial threat actors! As usual, this podcast was sponsored by th4ts3cur1ty.company and PocketSIEM
Liz Deakin is the CEO of Lithify IT Security. Lithify pride themselves on their experience of deploying complex security solutions in the most challenging environments, so this really is an excellent opportunity for an interesting discussion. Liz is joining me for a chat today to discuss the complexities of the OT ICS/SCADA environments. How is purpleteaming possible in a complex OT environment? Lithify on twitter Lithify on Facebook Lithify on Linkedin This podcast was brought to you by th4ts3cur1ty.company and PocketSIEM
Dan is the CEO & Founder of PlexTrac The Purple Teaming Platform. Get an intro to PlexTrac and a discussion of why effortless streamlined record keeping is a must for transparency during Purple Teaming Operations. PlexTrac Twitter | PlexTrac LinkedIn | PlexTrac on YouTube Check out the PlexTrac resources here This episode was sponsored by PocketSIEM #infosec #cybersecurity
Linkedin | Twitter | Scythe.io Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation. He was a founding member of MITRE Engenuity Center of Threat-Informed Defense. He is a Fellow at the Information Systems Security Association (ISSA) and the National Security Institute. Prior, Jorge led the offensive security team at Citi for over 10 years. Jorge Orchilles co-authored the Common Vulnerability Scoring System (CVSS) and A Framework for the Regulatory Use of Penetration Testing in the Financial Services Industry and is the author of Microsoft Windows 7 Administrator's Reference. To request the Purple Team Exercise Framework (PTEF) for free, click HERE! A workshop on how to get the most out of the PTEF will be run at DEFCON on the 8th of August 2020! Podcast sponsored by PocketSIEM & th4ts3cur1ty.company #infosec #cyber #redteam #blueteam #purpleteam
Linkedin | Twitter | Digitalinterruption Jay is the Founder & Lead Penetration Tester at Digitalinterruption, a security consultancy based in the heart of Manchester's innovation district. With a rich technical background in development and application penetration testing, he's able to offer a wealth of knowledge through their offensive security services, which you can find out more about here. Podcast sponsored by PocketSIEM & th4ts3cur1ty.company #infosec #cyber #redteam #blueteam
More organizations are keen to introduce purple teaming to their security practices but in most cases, they are not yet at the level of the business maturity needed to take that next step. Evan Pena, Director of Professional Services at Mandiant (FireEye), describes how his team uses FireEye’s premiere threat intelligence to enhance purple teaming efficiency.
We signed up for the Purple Teaming class put on by Black Hills Information Security. It was a bit overwhelming, but we learned a lot. LINKS: 1. Class GitHub Repository 2. Sysmon 3. The Hunting ELK 4. BadBlood. FIND US ON: 1. Facebook 2. Twitter - DamienHull
In today's episode we talk about incentivising your Security Team and making sure that the defensive team are getting praise for a job well done. As well as noting that the red team's job isn't over when they find a high impact vulnerability. Key Points: 0'49 There's more to staff retention than bonuses 1'40 The problem of the romanticisation of the red team 3'30 Measuring progress in security improvement 4'25 Purple Teaming may help reduce the gap 11'00 Empowering the defensive team 15'15 Measuring offensive teams Links: https://soundcloud.com/hackedoff/009-an-intro-penetration-testing-vs-red-teaming https://soundcloud.com/hackedoff/an-intro-cybersecurity-maturity-assessments Listening Time: 18 minutes Hosted by: Holly Grace Williams, Technical Director at Secarma
This week Alex chats with Kacey, Charles, and Rick around competitions we’ve been seeing on English-language cybercriminal forums and how they compare to the ones on Russian-language forums, purple teaming, and how a hacker bribed a ‘Roblox’ insider to access user data. And finally… our thoughts on Elon Musk’s new baby’s name. Thanks for listening and stay safe out there! ***Resources from This Week*** Competitions on English-Language Forums: https://www.digitalshadows.com/blog-and-research/competitions-english-language-cybercriminal-forums/ Hacker Bribed 'Roblox' Insider to Access User Data: https://www.vice.com/en_us/article/qj4ddw/hacker-bribed-roblox-insider-accessed-user-data-reset-passwords SANS Webinar: https://www.sans.org/webcasts/security-leadership-managing-turbulent-times-presented-summits-113310
Episode 2 of the podcast focuses on Purple Teaming and features Gerry Beuchelt, CISO, and Patrick Mathieu, Offensive Security Coordinator from LogMeIn. Outline: (00:28) Introductions (03:34) Question 1 - What led you to start using them at LogMeIn? (08:23) Question 2 - Where's the value in using both Red and Purple Teaming? (11:47) Question 3 - What improvements have you seen from using purple teams? (15:06) Question 4 - What aspects of workshopping do you find most valuable and why? (17:34) Question 5 – How do you measure the success of a purple team? (21:50) RECAP
Purple teaming reduces the lifespan of vulnerabilities found from pentests by facilitating knowledge transfer between red and blue teams in the remediation phase. PlexTrac provides a single interface through which red teams may report vulnerabilities and blue teams may remediate them. Visit https://www.securityweekly.com/plextrac to claim your free month of PlexTrac. Also, be sure to stop by their booth in the Early Stage Exhibit at RSA next month. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634
This week, we welcome Dan DeCloss, President and CEO at PlexTrac, to talk about How to Improve Penetration Testing Outcomes with Purple Teaming! In our second segment, we welcome Ambuj Kumar, CEO, and Co-Founder of Fortanix, to discuss The Keys to Your Kingdom: Protecting Data in Hybrid and Multiple Public Clouds! In the Security News, Car hacking hits the streets, Four Ring employees fired for spying on customers, MITRE presents ATT&CK for ICS, and Las Vegas suffers cyberattack on the first day of CES! Show Notes: https://wiki.securityweekly.com/PSWEpisode634 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Jason Lang is the Sr. Security Consultant of TrustedSec. Modern day red teaming against some of the largest companies in the US. Current passion is Ansible for red teamers (i.e. fast infrastructure buildout). To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode620 Visit https://www.securityweekly.com/psw for all the latest episodes!
It’s Harrison and Alex this week for your threat intelligence updates. The guys first dig into the NCSC’s recent threat trends report, the first of these that the NCSC has put out. It’s UK-specific, so just like we’ve shared thoughts around the FBI IC3 annual report in the past, which is heavily geared toward the US, it’s good to look across the pond as well. The team digs into 3 main areas: - Office365 - Ransomware trends including updates on Emotet, Ryuk, LockerGoga, Bitpaymer, Nemty, and GandCrab - Supply Chain Attacks The team also digs into some recent research around B.Wanted. A few weeks ago, there was a story that Brian Krebs reported on: essentially a user on a dark web forum was offering to sell access to a federal contractor who managed 20+ different federal agencies. Specifically we were looking into the threat actor responsible for selling the access, who goes by the name B.Wanted. The guys dig into some different theories. Finally we round out the episode with some top shows on Netflix to add to your lists. Enjoy your weekends! Get the weekly intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary Resources from this week: NCSC Cyber Threat Trends: https://www.digitalshadows.com/blog-and-research/ncsc-cyber-threat-trends-report-analysis-of-attacks-across-uk-industries/ Nemty Ransomware: https://www.digitalshadows.com/blog-and-research/nemty-ransomware-slow-and-steady-wins-the-race/ Purple Teaming podcast episode with Eliza May Austin: https://dts.podtrac.com/redirect.mp3/podcasts.apple.com/us/podcast/purple-teaming-an-interview-with-eliza-may-austin/id1326304686?i=1000450023564
In this episode, Viktoria interviews Eliza May Austin (CEO & Co-Founder of th4ts3cur1ty.company), and our own Richard Gold and James Chappell on Purple Teaming, a security assessment that combines both blue teaming and red teaming. The team discusses: - How do we make the blue and red teams collaborate better? - Is purple teaming a cost-effective measure when it comes to a less mature organization? - Why Purple Teaming needs to be at the forefront - What systems would you start testing with the purple team approach? - And more! We end the discussion with a quick overview of Eliza’s other passion: Ladies of London Hacking Society. To learn more, check out this episode’s resources: - https://th4ts3cur1ty.company/ - Ladies Hacking Society: https://llhs.com/ - Purple Team like you’re preparing for war: https://medium.com/@always0ddba1l/purple-team-like-your-preparing-for-war-ea17cd4d4a91 - Purple Teaming with Vectr, Cobalt Strike, and MITRE ATT&CK: https://www.digitalshadows.com/blog-and-research/purple-teaming-with-vectr-cobalt-strike-and-mitre-attck/
Eliza-May Austin is the CEO and Co-Founder of th4ts3cur1ty.company, who specialize in delivering intelligence-led adversary emulation purple teaming & the bespoke building of Security Operation Centers. Eliza is also the Founder and Director of Ladies of London Hacking Society, a passion project that has become one of London's leading technical security communities.
This week, we welcome Ben Ten, Team Lead of Defense and Countermeasures at TrustedSec, to talk about Purple Teaming and avoiding detection! In the Security News, Zoom's RCE Vulnerability is affecting over 700,000 companies, how YouTube is trying to ban hacking videos, 1TB of police body cam footage is available online, and how the U.S. Cyber Command warns of Outlook flaw exploited by Iranian Hackers! In our final segment, we air a pre-recorded interview with Reinhard Hochrieser, CMO at Jumio, to discuss today's state of security demands and the need for Biometric Authentication! To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode611 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Ben has been working in technology and development for over 20 years. He spent 13 years doing defense in the medical industry before moving over to the offense. He uses his knowledge of defense in order to refine his offensive skills and then uses this knowledge to equip customers with a better understanding of defensive methodologies. To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode611 Follow us on Twitter: https://www.twitter.com/securityweekly
We welcome back Bryson Bort, who is the Founder/CEO of GRIMM. Bryson will be talking about Purple Teaming, Top Attack Simulation Scenarios, and Testing Command & Control Channels. To learn more about SCYTHE, visit: https://securityweekly.com/scythe Full Show Notes: https://wiki.securityweekly.com/Episode609 Follow us on Twitter: https://www.twitter.com/securityweekly
This week, we welcome Vivek Ramachandran, Founder and CEO of the Pentester Academy, to talk about their AttackDefense Labs platform, and how the Pentester Academy is helping thousands of customers from government agencies to Fortune 500 companies! In the second segment, we welcome back Bryson Bort, Founder and CEO of Scythe, to talk about purple teaming, top attack simulation scenarios, and testing command and control channels! In the Security News, how not to prevent a cyberwar with Russia, the case against knee-jerk installation of Windows patches, U.S. Customs and Border Protection data breach is the result of a supply chain attack, and a phishing scam that hacks two-factor authentication! To learn more about SCYTHE, visit: https://securityweekly.com/scythe Full Show Notes: https://wiki.securityweekly.com/Episode609 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Most penetration testers are considered “red team,” while most defenders are considered “blue team.” Thus, the irony of a conventional penetration test is that these two groups are typically pitted against each other. When the red teams and blue teams are working together, you have what’s called a “purple team.” While purple-teaming has not always been a thing, it can be a win for both groups. Purple-teaming has now become somewhat of a buzzword. However, the effort behind it has great merit and value. In this podcast, LBMC Information Security’s Bill Dean helps explain purple-teaming, as well as some of the benefits involved with the practice.
Ken and Seth are joined by Chris Gates to talk about Purple Teaming and the WeirdAAL tool