Enigma 2019 has ended
Wednesday, January 30 • 1:30pm - 2:00pm
If Red Teaming Is Easy: You're Doing It Wrong

Sign up or log in to save this to your schedule and see who's attending!

Red Teaming is a popular topic for both internal security teams, and for external contractors to emulate real world attacks and improve defenses. Going beyond the pentest model, Red Teaming delivers inarguable results that critically inform detection, prevention and response for an organization's security. However, it is often thought of as the "easy" side of InfoSec, and many Red Teams operate on a "win and go home" model. It can be quite easy, but if it is, you're not achieving the true goal: improved security at an organization or company via an adversarial perspective.

In this talk, Aaron will explore how proper Red Teaming can be extremely challenging, how it often requires understanding an organization functions, knowing how to attack different technology stacks, even exploring business risks, insider threats and abuse. To have an impact or achieve a compromise, sometimes a team may need to understand the target areas more than the people who create or maintain them. However popular Red Teaming is now, and whatever is being targeted, we're only scratching the surface of what is possible.


Aaron Grattafiori

Aaron Grattafiori leads the Red Team at Facebook, where he focuses on offensive security, vulnerability research, adversary simulation, and performing bold full scope operations. Previously, Aaron was a principal consultant and research lead at iSEC Partners/NCC Group for many years... Read More →

Wednesday January 30, 2019 1:30pm - 2:00pm
Grand Peninsula Ballroom ABCD

Twitter Feed