To get the most out of your red and blue teams and to improve detection and response capabilities, give them a common goal; ensuring a company's controls are effective and working as intended, AKA Purple Teaming. I will cover the benefits of this approach. I will walk you through some of the early challenges we faced and how we overcame these. How we leveraged the MITRE ATT&CK Framework to establish a common language and approach as well as how we measured success through each engagement.

Bio: Matt Thelen has been in IT for 14 years with 11 years devoted to IT security. For the past 5 years Matt has worked as a pen tester on the offensive security team at Enterprise Holdings earning the GIAC GXPN and OSCP certifications. He participated as a subject matter expert in the job task analysis and item writing workshop for the CompTIA PenTest+ certification. Prior to Enterprise, Matt worked as a consultant focusing on a wide array of IT, from business continuity planning and risk assessments to impact analysis and printer support. Before getting into the IT field, Matt spent 6 years in the US Army Infantry.

Back to ShowMeCon 2019 video list