Hi everyone, this is the first in a series of 4-5 posts related to our Red-Team Training class offered during BlackHat USA 2013.
First things first - why? Well, we only have two days, and trust us, they are going to be packed. Therefore, we figured it would be best to provide some background material and previews on what to expect from the training.
First, Red Team. The term itself is overused and abused. This is especially true with the demise of "penetration testing" which has replaced "vulnerability scanning" as the term-du-jour in the security industry. Red Teaming depicts the pinnacle of security and risk assessments for organizations.
It means a no holds barred testing of one's security and is not limited by scope of a certain technological, social, organizational or physical aspects. In a red-team engagement the point is to simulate a real-world adversary. This is in contrast to more traditional (penetration testing and vulnerability assessments) engagements where specific aspects of the technical infrastructure of the organizations are reviewed for their security posture.
In the training, we will focus on how red team engagements are ran, and how to provide the best value for the organization they are conducted against.
The training will combine Red Teaming methodology aspects, as well as technical and hands-on portions in order to gain a bit of experience in how engagements should be executed in the field.
From a "what you get" perspective - one thing to note is that this is NOT a tools class. Tools are part of every red team engagements, but are not the point of it. Tools can be used interchangeably, and should be used based on the specific challenge at hand and personal taste. There is no "one tool to rule them all" - especially in red-teaming. However, as we try to make sure the training has enough hands-on portions, tool usage will be part of the two day ordeal, and we'll have a chance to use them in situations similar to actual red-team engagements.
So to conclude the first post in this series - we are expecting a packed schedule, where we will vary between methodology and hands-on practice, we'll get to do some field-work (and in Vegas of all places. get your lawyers/livers ready), and last but not least - have fun! Our goal for the training is to get everyone to a state of mind of constant observation and criticism of anything security. In the past we managed to build our trainings around our classes (i.e. you!) and are really looking forward to challenging ourselves (and everyone who will be in the class) again.
Lastly, and we'll save some surprises for later posts, everyone in the training will walk away with actual tools they would use on red-team engagements.