Time
3 hours
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
Hello. Welcome everybody to the ex Vigilance. I bury Section three Ready Timmy Context and Purpose
00:09
to throw the opening. So this section addresses a Siri's off issues, including the context off reteaming, those that are suitable and those that are not. It also explores their purpose off there. A teeming what is supposed to achieve
00:25
gala next from personal traditional or a teeming activities will be outlined,
00:29
and Israel
00:31
and their issues around the design off Taylor threatening activities will be discussed. Most off their armies. Activity are immutable to red teaming. In fact, let me provide valuable clarity and assumption checking during any part off the decision making cycle
00:50
were export contexts for Red Team.
00:55
There are a multitude of contexts in which red teaming may usefully be applied, where we list anticipating developments in adversary capability and studies, and the requirements for own plan, chance or adaptations,
01:11
and a distinct the factors and the lying critical aspect off organization, team or individual performance and how these are impacted by chance in contact or violent
01:25
training individuals or teams in specific activities, particularly those that are more effectively learned through deeper understanding and that the test and retest often unit organizations. Activities with the red team incompetent to provide immediate analysis
01:44
and feed book
01:46
testing. Off new plants, procedures and tactics to engine for gaps and issues and implement immediate images. All actions
01:56
We can't move on without quiz. Let's see the question. Which of the following is a context for a teeming,
02:04
draining individuals or teams in all activities,
02:07
or anticipating developments in adversary capability and studies, or no need to test more than one time?
02:15
All right, then. Stories
02:19
Anticipating developments in adversary capability and studies
02:25
purpose off we're teaming.
02:29
The main purpose of for a teeming could be listed in four main categories. The 1st 1 is understand In this activity, the blue team attempt to understand the red team and how the red team
02:42
he receives them
02:44
by understanding the red team Any existence, any existing flows can be exposed
02:52
anticipate. Many reteaming activities, particularly military ones, are aiming at participating what they were. A team will do
02:59
these activities involved, viewing the scenario from enemy's perspective and predicting what they would most likely do considering their motive, motives, resources and abilities.
03:13
What the next one is test activities, not involved. Testing systems usually bring on previous understanding and participate
03:22
activities. That means by testing system with the red teaming method, the weakness are clearly exposed.
03:30
Finally, a train or a team in training activity designed to educate participants about how there were team things or could potentially act.
03:40
This may also involved training in response percenter for their teams participated. Actions
03:51
User. There's a quiz, and there is a question off course. Which of the following our main categories off. We're teaming purpose.
04:00
I understand.
04:00
Participate, test and filing the train or understand Aeltus paid this,
04:08
then a run.
04:09
All understand participate coffee gyu Entering
04:14
the right question, of course, is understand all dissipate this entering right
04:20
I know that you note. Yes,
04:24
we go to the export planning for best effect. This is the part where the written need to do their best to have a better outcome.
04:33
Several lessons have Bean didn't fight for missing recent threatening activities, and this need to be shared too well. Prevent other spitting.
04:43
They're repeating them. Wherever it's possible,
04:46
we can divide them into key area. First key is preparation. The preparation face is where much off the effort is spent for a teeming activities ensuring that the right information scenery you part if sip ins and the support mechanisms are in place,
05:04
like planning with enough low time
05:08
selecting or electrical fun, appropriate targeted, set off participant to act as red team selection off appropriate stuff for or Rose also may be planning for a risible intensity and duration off activity
05:24
and the selection off appropriate locations.
05:28
The next one is
05:30
facilitators somewhere. Atomic activities do not require facility that there is, for example, the small scale activities which involved political thinking or an anti analytical take. Ning's being applied by one or two people.
05:45
The blue team, the famous one. The blue team must be prepared for the type of activity being conduct and the full knowledge of what to expect.
05:55
We can't talk about routine without writing a team as perfect eyes previously mentioned, their composition depends on questions need to be answered and what the activity needs to receive with. So in the last video that you mentioned the three key questions,
06:15
the 1st 1 is
06:16
what is being test. The signal is what knowledge needs to be gaining from the testing and the last one. How should it be test to produce the best outcome
06:30
and the hair we are Would another key red teaming ground rules from all participants in order for the larger scale atomic activities to function correctly and produce meaningful outcomes, the basic ground rules outlined here must be applied to both the red team
06:47
and blue team participants
06:49
wherever possible, like general conduct, where you don't take anything personal, personal and question everything, it's better. Also, don't use such phrase like that we never happen or anyone it off because I said so
07:09
and the last one is
07:11
cultural issues. It will be noted that
07:15
hear that why we're a teeming in chorus free discussion and expression off questions, an idea which rely on gun
07:24
conducive at most for that support free speech and encourages commanders and high ranking officers in military, for example, and policing are in us to discuss issues with their subordinates.
07:39
We need to take in consideration that some subject need experts. Also, individual individual rank should not impact on the process and always the reason we need to record every information. So in the report, you may need to you don't have
07:58
the time or maybe you forget
08:01
some informations so you need to record everything.
08:07
Guess what? It's a quiz, of course,
08:11
and the question is, in which phase we're a team. Spent much effort in collecting information,
08:16
been testing the system or preparation,
08:20
and the tents were eased.
08:22
Preparation.
08:24
He is.
08:28
I can't speak about Red Team or a teeming applications without an example, and I truly loved those example. The 1st 1 is locked. Shields is among the world's outstanding cyberattacks simulations. For two days, international teams off hackers and system admits play both sides off your game
08:48
simultaneously. It's me
08:48
tenuously attacking and defending critical infrastructure.
08:54
The details are realistic. Ce on the exercise reflect reward geopolitics. It's a training ground for frontline operators in rapidly involving from warfare, in which network administrators at bank electrical plants and government offices, offices
09:11
R us crucial to countries, defense,
09:15
us one informant groups. So let's see some images.
09:20
The 1st 1 is here. Well, that's amazing. What to Work of team.
09:26
And the 2nd 1 is
09:28
when John Hancock, innate United States secretary off the army, showed up for a visit you currently say's for an instant. It felt like a real war.
09:41
The next
09:41
image is on site lowers concert the Italian Monreal toe to figure out what advice to give next.
09:50
Then it's the question. As you see her, participants are
09:54
worry and fighting the tricks and strategy
09:58
from to come here
10:01
and lust.
10:01
One image is what happens
10:05
if you look. If there is a question, what happens if you book will help the conference Center for cyber Difference exercise?
10:13
Believe me, you need a lot more electricity and air conditioning than you initially thought.

Up Next

Red Team Guide

In this course you will learn the skills and knowledge involved in carrying out Red Team techniques within your organization.

Instructed By

Instructor Profile Image
Hamza M'Hirsi
Information Security Analyst at Barac.io
Instructor