Vito Rallo
Vito Rallo is Cyber security expert, visionary innovator, speaker, and Managing Director at Crimson7, with a long history in consulting and an experienced technical profile. Vito has been leading Redteam and pro-active delivery services within global organizations and is actively involved in research and cyber innovation.
Vito has worked for more than 25 years in technology, eighteen of which he's spent in the field of cybersecuri-ty with Financial, Industrial, and Utility sectors, and with a wide network of cybersecurity professionals. He has worked in both, offensive (pentest) proactive and reactive (incident response) security. He is a public event and keynote speaker; Vito is used to give talks at security conferences or roadshows.
Session
Nearly a decade of CREST’s influence has pushed the adoption of threat-informed security and helped miking the concept of “kill-chain” popular. MITRE contributed to systematically organize and document attacks across the kill-chain for strategic planning and atomic simulations are the tool to validate controls.
Still, many organizations struggle to prioritize available threat intelligence and turn simulation outcomes into actions. This gap underscores the need for a better Purple Team. One that doesn’t just produce a report, but actually helps improve defenses.
Purple Teams should be a downplayed “glorified” Red Team where the SOC knows that something is about to happen, learns about the attack technique and tries to catch it live. That’s not the point, nor it is running a series of planned and “continuously repeated” atomic tests; a BAS tool will produce “continuously the same results”. Purple Teams take a broader, more collaborative path aiming to cover a wider range of threats and focusing on strategic efficiency, producing artefacts that can be reinjected into operations for long-term value.