Improving Cyber Resilience Through Micro Attack Simulations

Explore an innovative approach to enhancing cyber resilience through Micro Attack Simulations in this conference talk from BruCON Security Conference. Learn how organizations at various stages of security maturity can benefit from validating specific security controls without waiting for full-scale Red Teaming exercises. Discover how these simulations assess both technical and non-technical security controls, including escalation procedures and reporting paths during security incidents. Gain insights from an anonymized case study demonstrating the modeling of potential attack trees and the technical execution of a Micro Attack Simulation, which involved validating security controls around a successful ransomware attack on server infrastructure. Understand how the simulation incorporated actual data encryption, multi-node compromise using Cobalt Strike, custom-written out-of-band command-and-control channels, and testing of crisis management processes through ransom notes and emails. Delve into the benefits of deriving specific Red Team unit tests and performing gap analysis of existing security controls to improve overall cyber resilience.

11 - BruCON 0x0F - Improving Cyber Resilience - Christian Schneider & kevin Ott