Professional Red Teaming - Jacob G. Oakley

Professional Red Teaming

Conducting Successful Cybersecurity Engagements

(Autor)

Buch | Softcover
XIX, 210 Seiten
2019
Apress (Verlag)
978-1-4842-4308-4 (ISBN)
48,14 inkl. MwSt
  • Explains how carrying out cybersecurity engagements involves more than exploiting computers, executing scripts, or utilizing tools
  • Introduces you to counter advanced persistent threat red teaming (CAPTR teaming) as a reverse red teaming methodology to address challenges faced from advanced persistent threats (APTs)
  • Authored by a seasoned offensive security practitioner and published academic who brings a practical, real-world, and tempered approach to cyber operations

Use this unique book to leverage technology when conducting offensive security engagements. You will understand practical tradecraft, operational guidelines, and offensive security best practices as carrying out professional cybersecurity engagements is more than exploiting computers, executing scripts, or utilizing tools.

Professional Red Teaming introduces you to foundational offensive security concepts. The importance of assessments and ethical hacking is highlighted, and automated assessment technologies are addressed. The state of modern offensive security is discussed in terms of the unique challenges present in professional red teaming.

Best practices and operational tradecraft are covered so you feel comfortable in the shaping and carrying out of red team engagements. Anecdotes from actual operations and example scenarios illustrate key concepts and cement a practical understanding of the red team process.

You also are introduced to counter advanced persistent threat red teaming (CAPTR teaming). This is a reverse red teaming methodology aimed at specifically addressing the challenges faced from advanced persistent threats (APTs) by the organizations they target and the offensive security professionals trying to mitigate them.

What You'll Learn
  • Understand the challenges faced by offensive security assessments
  • Incorporate or conduct red teaming to better mitigate cyber threats
  • Initiate a successful engagement
  • Get introduced to counter-APT red teaming (CAPTR)
  • Evaluate offensive security processes


This book is for Offensive security assessors and those who want a working knowledge of the process, its challenges, and its benefits. Current professionals will gain tradecraft and operational insight and non-technical readers will gain a high-level perspective of what it means to provide and be a customer of red team assessments.

Jacob G. Oakley spent over seven years in the US Marines and was one of the founding members of the operational arm of the Marine Corps Forces Cyberspace Command at NSA, Ft. Meade. He left that unit as the senior Marine Corps operator and a division technical lead. After his enlistment he wrote and taught an advanced computer operations course, eventually returning back to mission support at Ft. Meade. He later left government contracting to do threat emulation and red teaming at a private company for commercial clients, serving as principal penetration tester and director of penetration testing and cyber operations. He is currently working as a cyber SME for a government customer. He completed his doctorate in IT at Towson University, researching and developing offensive cybersecurity methods and is the technical reviewer of the book Cyber Operations, second edition, by Mike O'Leary.

Chapter 1: What is Red Teaming?



Goal: Convey to the reader what Cyber Red Teams are, and why they are used



* The Intent of the Cyber Red Team



* Advantages



* Disadvantages



* Proper and improper use



o Not for an Audit



o Not a Blue Team or Vulnerability Scanner







Chapter 2: The Case for Human Hackers



Goal: Convey to the reader the need for ethical hackers as part of the greater security apparatus



* Innovation in Automation



* Human Intuition



* Threat Hunting, not quite proactive enough



* Representing the actual threats which aren't scripts, etc







Chapter 3: The State of Modern Offensive Security



Goal: Convey to the reader the challenges offensive security practitioners face



* The Challenge of APTs



o More Capable



o More Time



o Infinite Scope



o No ROE



* Innovation Obstacles



* Pigeon-Hole & Stigma



o Unrealistic expectations



o Failure isn't an option



* Vague Standards



* Meaningless results



* Adversarial Customers







Chapter 4: Shaping



Goal: An understanding of the discussions and resources that go into the initiation of a successful engagement



* Scoping - Targets



o Personnel involved in scoping



o Black list / white list pros & cons



* Scoping - Schedule



o Overall window



o Daily window



* Staffing



* Tools



o Custom tools



o Custom assessors (SCADA, etc)



o Open source



o Industry norms







Chapter 5: Rules of Engagement



Goal: convey to the readers an understanding of the various ROE components and how to create a realistic and successfully implemented ROE



* Goals of the ROE



* Different kinds of tests and their requirements in ROE



o Wireless



o Physical



o Social Engineering



o External



o Internal



* Appropriate personnel



o Contractors vs customer



o Tester information



Source IP



Contacts



Chain of command



o Legal vetting



* Do's and Don'ts







Chapter 6: Executing



Goal: convey to the readers aspects of professionally executing a red team engagement.



* Being a Professional Thief



o Breaking in is fun, but not always needed



o Understanding the impact of your actions and attitude



o The importance of communication



Updates



Interaction



* Good Tradecraft



* Keeping an eye out for real threats



o Hackers



o Inside threats



o Extremely dangers situations



o Illegal situations







Chapter 7, tentative title: Reporting



Goal: convey to the readers aspects of impactful red team reporting



* What to include and how



o The audience is typically much less technical



o Don't make people worried for their jobs



* Offering mitigating circumstances



* Severity of findings



o Danger to the system



o Danger to the organization



* A No findings Report







Chapter 8: Purple Teaming



Goal: convey to the readers the challenges, disadvantages and benefits of purple teaming



* What is purple teaming



* The witting host



* The smokey jab



* The helpful Hacker



o Helping fix







Chapter 9: Counter-APT Red Teaming, a Reverse Red Teaming concept



Goal: convey to the readers the high level concept of CAPTR Teaming



* Scoping Changes: Worst-Cast Scenario Risk Assessment



* Process Changes: Initialization Perspective & Reverse Pivot Chaining



* Reporting Changes: Cost Benefit Improvement







Chapter 10: Outcome-Oriented Scoping Process



Goal: Convey to the reader how CAPTR Team scoping is accomplished



* Worst-Case Scenario Risk assessment



* Centrality Analysis



* Asset Prioritization and the Risk Apogee







Chapter 11: Initialization Perspectives



Goal: Convey to the reader use of the Critical Perspective



* Traditional Perspectives



* Critical Perspectives



* The Big Picture







Chapter 12: Reverse Pivot-Chaining



Goal: Convey to the reader how to conduct reverse pivot chaining and its benefits



* Local, Passive Intelligence Gathering



* Reverse Risk Relationships



* Pivoting







Chapter 13: The Aggregate Exposure Topography



Goal: Convey to the reader how to conduct CAPTR Team reporting and its benefits



* The web of Reverse Risk Relationships



* Centrality Analysis and Cumulative Risk Cardinality



* Creating a Strategy of Hierarchical Threat Mitigation







Chapter 14: Evaluating Offensive Security Processes



Goal: Convey to the reader the challenges and needs involved in evaluating such a tradecraft driven art-like process in information security



* Evaluating Traditional Security Technology



* Defensibility Requirements



* Appropriate Test-Bed







Chapter 15: The Experiment



Goal: Convey to the reader experiment design for evaluating CAPTR Teaming, the Experiment process and results.



* Design



* Procedure



* Results

Erscheinungsdatum
Zusatzinfo 46 Illustrations, black and white
Verlagsort Berkley
Sprache englisch
Maße 178 x 254 mm
Gewicht 448 g
Einbandart kartoniert
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Schlagworte cybersecurity • Cybersicherheit • IT-Sicherheit • Netzwerksicherheit • Red Teaming
ISBN-10 1-4842-4308-0 / 1484243080
ISBN-13 978-1-4842-4308-4 / 9781484243084
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00