Thu 2 November | 14:00 - 14:45
Theater 11: Seminars powered by Computable

Red Teaming, getting the most out of it

Red Teaming is the new kid on the block of buzzwords. It seems that if you don't do red teaming, you're supposed to be old-fashioned.
But as with any buzzword, it's unclear what Red Teaming actually is. Or better, what it should be. Is Red Teaming the solution to all your security challenges? Is it a starting point for securing your environment? Is it a pentest without limitations or scope?

During this presentation we'll dive into the key factors that differentiate Red Teaming from other approaches. We elaborate on why we see Red Teaming as training for your organization, but mainly after you've implemented preventive, detective and response capabilities and when you're ready to test and train these capabilities. We'll also share some thoughts on how to train your organization instead of testing specific security measures.
Cyber security
Mark Bergman, Application Security Wizard
Where it all began
When mobile phones made their introduction, it became a teenage sport to dial friends anonymously, have it ring a few times and hang up (as no one had money for actual conversations). I got annoyed with this game and invented a hack for this: I used my dad's Intel 286 with QBasic to write a tool that could dial a number anonymously every N minutes for X hours or days in a row. It was fun building it, but I ended up never using it other than on my testing phone.

When I was close to finishing my secondary school, I wanted to get my hands dirty instead of working my way through University. I applied for a unique internal education at ING bank. I was the youngest applicant, but got hired.

Where it went to from there
Starting out coding COBOL85 on the ING mainframes at the age of 16, I swiftly learned several programming languages and querying formats. After aiding in compiling the first TCP/IP stack on the ING test mainframe, I decided to dive into WinNT development, and before I knew it I was digging into the concepts of classic memory overflows and how they can be abused to gain access or more rights.

After my adventure at ING, I spent 4 years at KPMG. In 2016 I co-founded Outflank. Together with 3 former KPMG colleagues we decided to combine our skills to do even cooler security projects and be able to help our customers as our combined experience adds up to over 40 years of highly specialized expertise and a wide variety of knowledge. We now perform advanced attack simulations where we mimic a real hacker threat and purposely trigger alarm mechanisms in order to give organizations the field training on security they often need so much.

My coolest project ever
I love going where others don't go, from DIY to car restoration and sports, but also in security. The most thrilling project was a more recent attack simulation where my goal was to keep the command & control infrastructure running, refreshing and anonymized while the customer's blue team was blocking IPs and profiling our communications. Developing against a cloud provider's API, I was able to keep an attacker infrastructure growing at a rate of 40 NEW systems in approximately 60 seconds. Hacking together my own tools and scripts in order to keep ahead of everything!