Are you building a Red Team Program this year? I support the idea! Here are some recent blog posts to help you build your case with management:

10 Benefits of Red Team Engagements: https://www.scythe.io/library/10-benefits-of-red-team-engagements

#redteam #infosec #adversaryemulation @scythe_io
SCYTHE Library: 10 Benefits of Red Team Engagements

We have all heard that, “practice makes perfect'', right? This may have been motivating during school, or while playing on a sports team, but what about today? By now, you’ve probably figured out...

https://www.scythe.io/library/10-benefits-of-red-team-engagements
It is a good idea to have an industry proven framework and methodology documented to show you have a plan:

https://www.scythe.io/library/red-team-and-threat-led-penetration-testing-frameworks

#redteam #infosec #adversaryemulation @MITREattack
SCYTHE Library: Red Team and Threat-Led Penetration Testing Frameworks

We are presenting a curated list of all Red Team Frameworks in a central, easy to find location. Leveraging frameworks and methodologies for offensive security assessments is a best practice to show...

https://www.scythe.io/library/red-team-and-threat-led-penetration-testing-frameworks
Testing for initial access and "getting" in provides some value but you may want to operate and run some engagements as "Assume Breach"

https://www.scythe.io/library/breaches-are-inevitable

#redteam #infosec #adversaryemulation #assumebreach
SCYTHE Library: No Rest for the Weary: Breaches are Inevitable

In the past week, we learned that both FireEye and SolarWinds were breached. These two breaches are significant because of the companies targeted and the service/products they sell to the industry....

https://www.scythe.io/library/breaches-are-inevitable
Building Attack Infrastructure is a lot of fun but with many things to consider. Check out this post I did with @jfslowik about Red Team Infrastructure and Malicious Actor infra.

https://www.scythe.io/library/attack-infrastructure-red-teams-vs-malicious-actors

#redteam #infrastructure #adversaryemulation
SCYTHE Library: Attack Infrastructure: Red Teams vs. Malicious Actors

Setting up Attack Infrastructure is an important task performed by Red Teamers and malicious adversaries alike. This week, we chat with Joe Slowik, Senior Security Researcher at Domain Tools, about...

https://www.scythe.io/library/attack-infrastructure-red-teams-vs-malicious-actors
Already building non-attributable infrastructure and wondering if the Executive Order of Know Your Customer for IaaS providers will affect you? Check this post out where @malcomvetter and I discuss ways to obtain non-attributable attack infra: https://www.scythe.io/library/red-team-non-attributable-infrastructure-and-the-executive-order

#redteam
SCYTHE Library: Red Team Non-Attributable Infrastructure and the Executive Order

The January 19, 2021 Executive Order on Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities (mouthful) naturally started various...

https://www.scythe.io/library/red-team-non-attributable-infrastructure-and-the-executive-order
You can also check out the "So, you want to be red teamer?" Webcast @Jean_Maes_1994 and I did. #redteam
Lastly, if you want to learn how to build a Red Team Program check out the 2 day @SANSOffensive Red Team Exercises and Adversary Emulation course: https://sans.org/sec564 

#redteam #SEC564
You can follow @jorgeorchilles.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.