With the adoption of endpoint detection and response tools as well as a higher focus on behavior detection within organizations, when simulating an adversary it?s important to understand the systems you are targeting. This talk will focus on the next evolution of red teaming and how defeating defenders will take more work and effort. This is a good thing! It?s also proof that working together (red and blue) collectively, we can make our security programs more robust in defending against attacks. This talk will dive into actual simulations where defenders have caught us as well as ways that we have circumvented even some of the best detection programs out there today. Let?s dive into baselining behavior and refining our tradecraft to evade detection and how we can use that to make blue better.

Back to GrrCON 2019 video list