Building a Successful Internal Adversarial Simulation Team

Explore the intricacies of building and managing an effective internal adversarial simulation team in this comprehensive conference talk from BruCON 0x08. Delve into key concepts such as the Cyberkill Chain, MITRE Attack Framework, and threat analysis. Learn strategies for account discovery, information sharing, and creating formal collateral. Gain insights on measuring defensive and offensive coverage, memory dumping techniques, and the importance of prioritization. Discover methods for evaluating defensive and protection measures, implementing attack frameworks, and developing defensive and attack metrics. Conclude with an exploration of attack automation techniques to enhance your organization's cybersecurity posture.

Intro
Red Team
Cyberkill Chain
MITRE Attack Framework
Analyze Threats
Internal Red Team
Account Discovery
Information Sharing
Creating Formal Collateral
Measuring Defensive Coverage
Measuring Offensive Coverage
Memory Dumping
Point of Skill
Prioritization
Defensive Measurement
Protection Measurement
Attack Framework
Defensive Metrics
Attack Metrics
Automating Attacks