2024-08-07 –, Emerald
The hands-on workshop has been created to give participants a better understanding of adversary emulation engagements. Participants will be able to emulate various threat actors safely in a controlled, enterprise-level environment. All machines in the lab environment will be equipped with anti-virus, web proxies, EDR and other defense systems. The training will have detailed modules on each attack vector used in the lab environment and a step-by-step walk-through of the attack path of an entire enterprise network. The training is intended to help attendees assess the defenses and evaluate the security controls deployed in their organization against motivated adversaries.
The training starts by giving a thorough look at adversary emulation engagements, focusing on the basics needed for strong defense strategies. Understanding cyber threat intelligence is highlighted as crucial for shaping defense plans. The program also covers topics like cyber defense systems, the importance of blue teams, and the rising significance of collaborative purple teaming efforts. Participants will get familiar with frameworks like the MITRE ATT&CK matrix, which helps make sense of the changing world of threat actors.
The training session dives deeper into adversary emulation, providing a detailed exploration of its core concepts, frameworks, and tools. Participants will discover how to use actionable cyber threat intelligence to plan and carry out adversary emulation exercises. This involves understanding, selecting, and mimicking different tactics, techniques, and procedures (TTPs). They'll get hands-on experience testing security controls on endpoints and using tools like Atomic Red Team and the MITRE Caldera project for comprehensive emulation activities. The program also touches on emulating specific threat actors such as APT 29 and Sandworm, and on using tools like the ATT&CK Navigator for structured emulation exercises. Finally, participants will explore emulating ransomware in safe environments, evaluating its impact through emulation, and integrating purple teaming practices into their organization's security framework, all aimed at better reporting and presentation skills.
Abhijith B R, also known by the pseudonym Abx, has more than a decade of experience in the offensive cyber security industry. He is a professional hacker, offensive cyber security specialist, security researcher, red team consultant, trainer, and public speaker.
Currently he is involved with multiple organizations as a consulting specialist, helping them build offensive security operations programs, improve their current security posture, assess cyber defense systems, and bridge the gap between business leadership and security professionals. In the past, he managed offensive security operations for Envestnet, Inc., held the position of Deputy Manager - Cyber Security at Nissan Motor Corporation, and prior to that, worked as a Sr. Security Analyst at EY.
As the founder of Adversary Village (https://adversaryvillage.org/), Abhijith spearheads a community initiative focused on adversary simulation, adversary-tactics, purple teaming, threat actor/ransomware research-emulation, and offensive cyber security.
Abx also acts as the Lead of DEF CON Group DC0471 and is actively involved in leading the tacticaladversary.io project. Abhijith has spoken at security conferences such as Nullcon, c0c0n, BSides, DEF CON 28 safemode - DCG Village, The Diana Initiative, Opensource India, Adversary Village at DEF CON 29, DEF CON 30, RSAC 2023, etc.