DEF CON 2020 Red Team Village Talk - Breaking The Attack Chain

September 02, 2020

Despite the rising tide of security maturity, targeted attack chains are often successful due to systemic weaknesses in how modern IT administrators and blue teams operate. This talk focuses on the attacker's perspective on how common attack chains can be stopped before they spiral out of control. We hear from two deeply experienced red team operators whose passion for attacking modern enterprise environments has yielded a great many instructive successes (and failures). This conversation addresses tactics and techniques from successful red team engagements as well as specific countermeasures that would hamstring these attack chains.

Read more from Matt Eidelberg:

- Digging Your Talons In – New Take On Password Guessing
- ATT&CK Series: Lateral Movement Techniques
- It’s Not Always About the Perimeter – A Look at Domain Reconnaissance

By: Matthew Eidelberg
Engineering Fellow | Optiv

Matthew Eidelberg is an Engineering Fellow in Optiv’s Threat Management Team (Attack and Penetration specialization). His primary role focuses on leading Threat Management’s Adversary Simulation Services, which address physical, red/purple team, and other advanced assessments. Matthew’s expertise also involves research development, focusing on developing new techniques and tooling for endpoint security bypass and evasion.

By: Corey Ham
Principal Consultant in Advisory Services | Optiv

Corey Ham is a principal consultant in Optiv's advisory services practice on the attack and penetration team. Corey specializes in adversary simulation, penetration testing, and OT/ICS testing. Corey's primary role is to deliver client projects and research.