Cas van Cooten
Cas van Cooten is a long-time offensive security enthusiast based in the Netherlands. He has an extensive background in evading defenses by developing offensive security tooling and malware, with a particular interest in using modern languages such as Go, Rust, and Nim to bypass traditional controls. Cas is a strong advocate for community collaboration and frequently shares his research and open-source tools on GitHub and Twitter to help bridge the gap between red and blue teams. Today, he is a co-founder of the Dutch cybersecurity startup Offensys, where he focuses on translating complex adversarial tradecraft into a platform for continuous purple teaming.
Session
While attackers scale their operations through automation, many defenders remain trapped in a reactive, manual cycle of fire-fighting. To regain the advantage, we must evolve from periodic "point-in-time" assessments to a model of continuous assurance. This talk introduces Continuous Purple Teaming (CPT): a pragmatic approach to security testing that uses repeatable attack simulations as a regression test for your defenses.
We will explore the "Simulate, Measure, Prioritize" feedback loop and demonstrate how to apply the Pyramid of Pain in the context of attack simulations. By moving beyond brittle indicators and focusing on behavioral TTPs that are grounded in relevant threat intelligence, you can build detections that are resilient to changing tradecraft. Attendees will leave with concrete design patterns and a framework to start building a mature CPT capability in their own environment.