Sign up to save your podcasts
Or
Share When Red Teams Break Down
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
When Red Teams Break Down
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-when-red-teams-break-down/)
What happens when red team engagements go sideways? The idea of real world testing of your defenses sounds great, but how do you close the loop and what happens if it's not closed?
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our sponsored guest, Dan DeCloss, founder and CEO, PlexTrac.
Thanks to this week's podcast sponsor, PlexTrac.
PlexTrac is a revolutionary, yet simple, cybersecurity platform that centralizes all security assessments, penetration test reports, audit findings, and vulnerabilities into a single location. PlexTrac vastly improves the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize important analytics, and collaborate on remediation in real-time.
On this episode of Defense in Depth, you'll learn:
- Don't make the mistake of red teaming too early. If you don't have your fundamental security program in place, you'll be testing out non-existing defenses.
- If you're just starting to build up your security program, conduct a vulnerability scan and do some basic patch management.
- A red team exercise exists to discover risks you didn't even know about and couldn't have predicted in your threat model exercises.
- Have a plan of what you're going to do after the red team exercise. Just discovering you've got problems with no plan to remediate them will not only be a waste of money, but will also breed discontent.
- Don't red team just to fill out an audit report. You can do a vulnerability scan for that.
- Consider moving the red team to purple to actually help the blue team remediate the findings.
- If you don't have a plan for remediation you'll find yourself running the same red team and filling out the same report.
- Prioritize! The red (now purple) team can greatly help along with those who've assessed business risks.
- First to remediate are the ones that are high impact and easy to execute. The rest is determined by an analysis of likelihood and impact.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-when-red-teams-break-down/)
What happens when red team engagements go sideways? The idea of real world testing of your defenses sounds great, but how do you close the loop and what happens if it's not closed?
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our sponsored guest, Dan DeCloss, founder and CEO, PlexTrac.
Thanks to this week's podcast sponsor, PlexTrac.
PlexTrac is a revolutionary, yet simple, cybersecurity platform that centralizes all security assessments, penetration test reports, audit findings, and vulnerabilities into a single location. PlexTrac vastly improves the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize important analytics, and collaborate on remediation in real-time.
On this episode of Defense in Depth, you'll learn:
- Don't make the mistake of red teaming too early. If you don't have your fundamental security program in place, you'll be testing out non-existing defenses.
- If you're just starting to build up your security program, conduct a vulnerability scan and do some basic patch management.
- A red team exercise exists to discover risks you didn't even know about and couldn't have predicted in your threat model exercises.
- Have a plan of what you're going to do after the red team exercise. Just discovering you've got problems with no plan to remediate them will not only be a waste of money, but will also breed discontent.
- Don't red team just to fill out an audit report. You can do a vulnerability scan for that.
- Consider moving the red team to purple to actually help the blue team remediate the findings.
- If you don't have a plan for remediation you'll find yourself running the same red team and filling out the same report.
- Prioritize! The red (now purple) team can greatly help along with those who've assessed business risks.
- First to remediate are the ones that are high impact and easy to execute. The rest is determined by an analysis of likelihood and impact.
More shows like Defense in Depth
View all
Hacked
187 Listeners
Security Now (Audio)
2,010 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,020 Listeners
Smashing Security
319 Listeners
Click Here
416 Listeners
Darknet Diaries
8,055 Listeners
Cybersecurity Today
180 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
Cyber Security Headlines
139 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
169 Listeners