Getting Started in Red Teaming and Offensive Security
iSpeech.org
Curtis Brazzell, managing security consultant at cybersecurity firm Pondurance, discusses the methodologies and day-to-day operations in Red Team operations.
- Get infosec training: http://infosecinstitute.com/
- Special offer for CyberSpeak with InfoSec Institute listeners!: https://www.infosecinstitute.com/podcast
This video covers these questions and more:
- Tell us about the Intrusion Detection and Response Platform you've been building in your spare time. (1:15)
- How did you get started in computers and security? (2:20)
- Can you explain what a Red Team is and how it related to things like penetration testing? (4:35)
- What made you want take your career further into Red Teaming? (6:35)
- What makes a good Red Team member? (7:40)
- What experience, qualification and accomplishments should you aim for to become a desirable Red Team candidate? (9:05)
- How do Red Teams actually work? (10:05)
- What are some of the common methodologies that Red Teams employ? (10:55)
- What type of companies employ Red Teams? (13:35)
- Is there any benefit to having a Red Team on staff for smaller organizations? (14:35)
- How often should the average company test their security with a Red Team? (15:10)
- What is "too far" when it comes to Red Team testing? (15:55)
- How long does it take to complete a full Red Team assessment? (17:20)
- How do you report your findings to the company so they can close their security gaps? (17:50)
- Why has Red Teaming received such a boost in interest at the moment? (19:10)
- What are the pros and cons of different vulnerability methods you utilize to identify security issues? (20:20)
- Are organizations over-prescribing Red Teams as a security solution? (21:25)
- What are your thoughts on Purple Teams? (22:10)
- What types of security solutions does Pondurance provide? (23:25)
- What's the future of Red Teaming? (24:15)
Want to hear more conversations like these? Subscribe to CyberSpeak with InfoSec Institute:
- Apple Podcasts: https://itunes.apple.com/us/podcast/cyberspeak-with-infosec-institute/id1419689068
- Subscribe on Android: https://subscribeonandroid.com/resources.infosecinstitute.com/feed/podcast/
- Spotify: https://open.spotify.com/show/05JXEWn4e1Iv9Knbnm1ELE
MORE ON INFOSEC INSTITUTE
InfoSec Institute fortifies organizations and their employees against security threats with award-winning security and privacy education. Recognizing cybersecurity is everyone’s job, we provide skills development and certification training for IT and security professionals while building the entire workforce’s security aptitude with awareness training and phishing simulations. Recognized as a Gartner Peer Insights Customers’ Choice for Security Awareness Computer-Based Training, InfoSec Institute is also a Training Industry “Top 20 IT Training Company” and the Security Training & Education Program Gold Winner in Info Security Products Guide’s Global Excellence Awards.
Additional information can be found here:
- SecurityIQ awareness and anti-phishing platform: https://www.infosecinstitute.com/securityiq/
- InfoSec training and certification: https://www.infosecinstitute.com/flex
- InfoSec training and certification features: https://www.infosecinstitute.com/flex/pro/
- InfoSec training and certification guarantees: https://www.infosecinstitute.com/flex/guarantees/
- 100+ training and certification courses: https://www.infosecinstitute.com/courses
source
0 Responses to Getting Started in Red Teaming and Offensive Security