How Purple Teaming Takes Security to New Levels
Thursday, June 7, 2018, 10:00am to 3:00pm at Harvard Club of New York
Red and Blue teaming has been a staple of organizational security programs for years. Red Teams are white-hat hackers that attack your digital infrastructure to test its defenses and find weaknesses. Blue Teams are the internal security teams that try to ward off both real attackers and Red Teams. Purple Teams have become increasingly important, but their role is less understood.
Specifically, Purple Teams combine members of red and blue teams who work to ensure teams Red and Blue operate at peak efficiency and effectiveness.
In this symposium discussion and workshop, IANS Faculty Member and LIFARS LLC CEO Ondrej Krehel will walk attendees through the leading best practices and trends for securing your critical infrastructure through Purple Teaming. He has conducted many missions and certifications for the US Air Force Offensive Cyber team and has 2 decades of experience in computer security and digital forensics, where he has conducted a wide range of Red and Blue Team exercises.
Ondrej will arm information security officers and IT/Security staff with knowledge of industry best practices from all sides of the paradigm and teach them practical procedures to help redirect their scarce resources on actions to promote immediate and high-value payoffs.
During this symposium workshop, Ondrej will:
- Separate attendees into 3-4 groups with a mix of Red and Blue team members. Each breakout group will be given an attack/breach/threat simulation problem to remediate.
- Present successful use cases: what are they and what makes them successful?
- Supply attendees with a computer to solve the problem, as well as dry erase or foam pad boards to work through their problem collectively.
- Award a special door prize to the first person that solves the problem.
After finishing, each team will present the steps they took to reach the remediation point to their audience, highlighting the weaknesses and strengths of their process.
This Symposium is designed for CISOs, Operations leads, and any information security practitioner who wants state-of-the-art guidance from industry leaders.
This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.