Red Team Testing

Chris Nickerson & Ian Amit | August 2-3 & 4-5


On This Page


Overview

This is NOT a tools course!

Becoming proficient in Red Teaming is NOT something that can be taught only in a classroom. We will have multiple field exercises as well as hands-on classroom sessions.

This course will go over some of the tools and methods you MAY use in a Red Team assessment. Feel free to come up with your own styles.


• You will learn the basics of how to profile attackers and use your imagination to become one.
• Learn to act like a viable adversary of the target.
• Learn to analyze the security processes and technologies that are in place.
• Using what you observe, take advantage of what others have missed, to blend Electronic, Social and Physical security into a converged attack surface.


Who Should Take This Course

Consultants who would like to expand on their breadth of services and provide more value to their customers.Corporate security, audit, and compliance functions who would like to deliver more holistic security to their organization.


Student Requirements

Security practitioners, with at least 2-3 years of experience in information security.Ability to work with multiple operating systems (basic operational familiarity).


What Students Should Bring

Laptop with virtual machines running BackTrack and Windows (XP and above). Native OS can replace one of the VMs (i.e. a Windows OS hosting a BackTrack VM, or vice-versa).


What Students Will Be Provided With

A fully equipped red team bag, which includes our favorite and most used tools - from lock picks, under-door hook, multitool, USB SDR, endoscope, and other physical and electronic security tools…


Trainers

Iftach Ian Amit
With over 15 years of experience in the information security industry, Iftach Ian Amit brings a mixture of Software development, OS, Network and web security to work on a daily basis. He is a frequent speaker at leading security conferences around the world (including Black Hat, DefCon, OWASP, InfoSecurity, etc…), and have published numerous articles and research material in leading print, online and broadcast media.Ian is currently serving as a Director of Services at the leading boutique security consulting company IOActive, where he leads the financial and healthcare verticals in the US, as well as the red team practice globally.

Iftach Ian is one of the founders of the Penetration Testing Execution Standard (PTES), its counterpart - the SexyDefense initiative, and a core member of the DirtySecurity crew.

Iftach Ian holds a Bachelor’s degree in Computer Science and Business Administration from the Interdisciplinary Center at Herzlya.

Chris Nickerson is a Certified Information Systems Security Professional (CISSP) whose main area of expertise is focused on information security and Social Engineering. In order to help companies better defend and protect their critical data and key information systems. He has created a blended methodology to assess, implement, and manage information security realistically and effectively.

At Lares, Chris leads a team of security consultants who conduct Security Risk Assessments, which can cover everything from penetration testing and vulnerability assessments, to policy design, computer forensics, Social Engineering, Red Team Testing and regulatory compliance. Prior to starting Lares, Chris was Director of Security Services at Alternative Technology, a Sr. Auditor for SOX compliance at KPMG, Chief Security Architect at Sprint Corporate Security, and developed an enterprise security design as network engineer for an international law firm. Chris also served in the U.S Navy.

Certified Information Systems Security Professional (CISSP)Certified Information Security Auditor (CISA)BS7799 Lead Auditor Accreditation (BS7799)NSA Infosec. Assessment Methodology (NSA IAM)Specialties: Vulnerability Assessment, Risk Assessment, Compliance, HIPAA,GLBA,PCI,SOX,17799/ 27001, Penetration Testing, Application Security Assessment, Physical Security, Social Engineering.