Martin Grottenthaler (senior information security consultant at SBA)
Talk language: English
This meeting is organized as an on-site event only.
How to (not) do Red Teaming – an orientation
In this meetup we will answer the question: How do you improve the IT security of your company with a limited budget?
The most obvious way to test your security measures is to employ somebody who tries to do the same things an attacker would do. In this talk, I will explain why this is not the best strategy and what I think is the best way to improve your security while keeping spending low.
There are different security testing methods, and not all of them make sense for the same types of problems. I will explain what common test methods there are, and which make sense for which use case.
The primary focus will be on the often-misunderstood Red Teaming. Red Teaming is an approach where real attackers are simulated, and the defenders are challenged by this real-life scenario. I will explain how it works, why most people are doing it wrong and when it is a suitable time to employ it. Spoiler alert: it is not an effective way to find vulnerabilities.
Security is always about making the attacker’s life harder. We want to spend as little as possible but impede malicious actions as much as possible. Let’s spend our resources in the most efficient way possible to not play into the hands of the bad folks!
This is our first talk in a meetup series talking about real-life attacks and securing the network against them. The next one will talk about common phishing scenarios.
18:15: Talk: “How to (not) do Red Teaming – an orientation”
About the Speaker
Martin specializes in technical aspects of information security, with a focus on internal company networks, especially Windows environments. He conducts penetration tests, red teaming engagements, workshops, and technical audits in this field.
Additionally, he is an instructor for trainings on hacking and securing Windows networks and cloud environments.