Power To The Purple

Title: Power To The Purple
Abstract:
The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative milestone driven approach where Red and Blue teams operate in tandem, is necessary to ensure a proactive approach to enhancing the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst.
We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.

- Key Take Aways:
- Learn the basics of Purple Teaming through the study of the PTEF.
- Setup and utilize Command and Control (C2) frameworks.
- Consume Cyber Threat Intelligence from a known adversary.
- Extract adversary behaviors/TTPs and map them to the MITRE ATT&CK framework.
- Play the Red Team by creating and executing adversary emulation plans.
- Emulate the adversary behaviors in a simulated organization to determine how it would stand up to the adversary.
- Play the role of the Blue Team to hunt for malicious behavior and Indicators of Compromise.
- Deploy and utilize popular defensive tooling such as Sysmon, log ingestors, and SIEMS to aide in threat hunting.