当前位置:首页 > 报告详情

威胁模拟专家的一天——揭秘进攻性网络安全.pdf

上传人: 可*** 编号:991831 2025-12-07 40页 5.38MB

1、John RodriguezCyb3rH0undCyber Dagger LLCA Day in the Life of a Threat Emulation SpecialistDemystifying Offensive SecurityWHO DATJohn Rodriguez cyb3rH0und15 years in ITBig 4 FirmFinance Telecoms Offensive OperationsUSAF Primarily FocusedAPT EmulationRed Team BuildingSecurity Solution TestingCapabilit

2、y DevelopmentTraining and EducationAgenda01Intro to Offensive SecurityIndustry,Specialty 02Offensive MethodologyThreat Emulation,Red Teaming,Psychology,Tactics 03A Typical Day in the RoleClients,Taskings,Planning,Training04Essential SkillsTechnical skills,Soft skills,Mentality05Career&GrowthBridging

3、 technical and soft skills WHY OFFENSIVE SECURITY?Prepare organizations to face the current threat landscapeThreat ActorsHacktivistCyber WarfareAmateur HackersMisconfigurationsComplianceWHY OFFENSIVE SECURITY?Stealthy Persistence Mechanisms:Injects malicious code into legitimate processes to evade d

4、etection.Uses rootkit capabilities to maintain long-term access.Sophisticated Command and Control(C2)Infrastructure:Cloud On-premCustom Tooling:Uroburos sophisticated rootkitKuzuar ImplantCarbonCustom CapabilitiesWHO CAN JOIN THE FIELD?NewcomersCareer PivotersAspiring Cyber ProfessionalsAnyone with

5、a passion to learn and serve 01When the path you walk always leads back to yourself,you never get anywhere-Master OogwwayIntro to Offensive SecurityWHAT IS THREAT EMULATION?IoTAerialEnterpriseHardwareTech StacksSpace SystemsWHAT IS THREAT EMULATION?Typically,a better return on investment for matured

6、 security programs.Do you need to validate defenses against a specific threat Salt Typhoon,APT 28,APT 29 Threat EmulationWHAT IS THREAT EMULATION?Penetration Testing-Identify,Validate,Reportsecurity vulnerabilitiesRed Teaming Stealthy Larger Scopes6-12 weeks or continuous02Never tell people how to d

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
客服
商务合作
小程序
服务号
折叠