DEF CON Forum Site Header Art


No announcement yet.

Indicators of Emulation: Extra Spicy Adversary Emulation

  • Filter
  • Time
  • Show
Clear All
new posts

  • Indicators of Emulation: Extra Spicy Adversary Emulation

    Cyber threat intelligence, in the past, has primarily focused on extracting, preparing, and analyzing indicators of compromise for digital forensics and incident response, the security operations center, and other teams. This talk proposes that there is a benefit to including cyber threat intelligence analysts in adversarial threat emulation. By including indicators of emulation (IOE) based upon internal organizational attack data, CTI analysts can enrich and customize red team TTPs to specific threats the organization is currently facing. Don’t have a CTI team? Well, we have solutions for you! From pulling TTPs and IOEs out of thin air to a custom Golang C2 tool you can use to execute payloads that are relevant to your organization. Sit back, relax, and enjoy the show!

    Speaker(s): Ch33r10, haydnjohnson

    Location: Red Team Vlg


    Event starts: 2020-08-08 16:30 (04:30 PM) PDT (UTC -07:00)

    Event ends: 2020-08-08 17:30 (05:30 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:26 (UTC).
    August 8, 2020 16:30
    August 8, 2020 17:30
    Red Team Vlg