Seeing Purple - Hybrid Security Teams for the Enterprise

Learn about hybrid security teams for enterprise in this 37-minute conference talk from GrrCON 2014. Explore the concept of "purple teams" that combine red and blue team approaches. Discover the importance of threat modeling, attack path modeling, and security exercises. Gain insights into advanced techniques like mutable command and control, external access assessments, and leveraging threat intelligence. Understand the goals and implementation of hybrid security teams, including training users and conducting tabletop exercises. Engage with real-world examples and practical strategies for enhancing enterprise security through a comprehensive, integrated approach.

Intro
Beltface
Example
Ted Talk
The Golden Circle
Why
What
Pyramid
Not For Everyone
The Point
The Hard Truth
How Many Blue Teams
Detect and React
Red teaming as pen testing
Security exercises
Cobalt Strike
Purple Teams
Malware Quote
Feedback Loop
Red vs Blue
Goals
How we do it
Halo
Threat Modeling
Attack Path Model
Tabletops
Exercises
Persistence
Mutable C2
Assessments
External Access
Guest Password
Training Users
Advanced Program Example 2
Threat Intelligence
Leverage
Do Something Right
Questions