DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Indicators of Emulation: Extra Spicy Adversary Emulation

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Indicators of Emulation: Extra Spicy Adversary Emulation

    Cyber threat intelligence, in the past, has primarily focused on extracting, preparing, and analyzing indicators of compromise for digital forensics and incident response, the security operations center, and other teams. This talk proposes that there is a benefit to including cyber threat intelligence analysts in adversarial threat emulation. By including indicators of emulation (IOE) based upon internal organizational attack data, CTI analysts can enrich and customize red team TTPs to specific threats the organization is currently facing. Don’t have a CTI team? Well, we have solutions for you! From pulling TTPs and IOEs out of thin air to a custom Golang C2 tool you can use to execute payloads that are relevant to your organization. Sit back, relax, and enjoy the show!

    Speaker(s): Ch33r10, haydnjohnson

    Location: Red Team Vlg

    Discord: https://discord.com/channels/7082082...77357820411944

    Event starts: 2020-08-08 16:30 (04:30 PM) PDT (UTC -07:00)

    Event ends: 2020-08-08 17:30 (05:30 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:26 (UTC).
    Starts
    August 8, 2020 16:30
    Ends
    August 8, 2020 17:30
    Location
    Red Team Vlg
Working...
X