Learning To Love Your Attackers

Expo Theatre (Hall G) October 20, 2015 - Feedback     

Bookmark and Share

Ryan Linn

Opposing Forces (OPFOR) training is used by the military to help create realistic scenarios so that when they are deployed in battle they aren’t encountering situations for the first time. Whether it’s battle or incident response, that reaction time is critical to the success of a team. Most organizations have some degree of penetration testing as part of their security program, but by not utilizing it as part of an OPFOR program, they are missing out on the most critical part of a strong security program; the people. By focusing on real world attack scenarios you can both improve your security by testing constraints, but also test your ability to respond to attacks. This in turn helps lower the time from compromise to detection and from detection to response, allowing incident response teams to mitigate the attack before it becomes newsworthy. This talk will discuss how to build one of these programs, how to engage testers in order to accomplish this, and goals that should be set to help make this process successful.