Who Watches the Watchmen - Adventures in Red Team Infrastructure Herding and Blue Team OPSEC Failures

Explore a conference talk on red team infrastructure management and blue team operational security (OPSEC) failures. Delve into the challenges of overseeing large-scale, multi-month red team operations and learn about innovative approaches to maintain control and detect blue team activities. Discover the development and application of RedELK, an open-source tool for infrastructure herding and security information and event management (SIEM). Gain insights into new techniques for identifying blue team OPSEC failures and enhancing red team effectiveness. Examine the latest research findings and witness a demonstration of the updated RedELK version, designed to improve both infrastructure oversight and blue team detection capabilities.

HIP19: Who watches the watchmen? - M. Bergman, M. Smeets