Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Cybersecurity Attacks – Red Team Strategies
Cybersecurity Attacks – Red Team Strategies

Cybersecurity Attacks – Red Team Strategies: A practical guide to building a penetration testing program having homefield advantage

Arrow left icon
Profile Icon Rehberger
Arrow right icon
Can$39.99 Can$44.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8 (9 Ratings)
eBook Mar 2020 524 pages 1st Edition
eBook
Can$39.99 Can$44.99
Paperback
Can$55.99
Subscription
Free Trial
Arrow left icon
Profile Icon Rehberger
Arrow right icon
Can$39.99 Can$44.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8 (9 Ratings)
eBook Mar 2020 524 pages 1st Edition
eBook
Can$39.99 Can$44.99
Paperback
Can$55.99
Subscription
Free Trial
eBook
Can$39.99 Can$44.99
Paperback
Can$55.99
Subscription
Free Trial

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Cybersecurity Attacks – Red Team Strategies

Chapter 1: Establishing an Offensive Security Program

Establishing an offensive security program within an organization might seem a challenging task compared to just compromising its assets, but it is one of the most exciting tasks to perform as a penetration tester, lead, or manager. Being there to actively design a strategy for changing the security culture of an entire organization is a great opportunity, and it is rewarding and a lot of fun.

As a leader and manager of an offensive security team, it is critical to set clear principles and a vision and rules for the team. This chapter will discuss the aspects to consider and provide some ideas about how to build a strong foundation.

The following topics will be covered in this chapter:

  • Defining a practical mission for a cyber-operational red team program
  • Finding support among and influencing leadership to establish a red team program
  • Strategies on where in the organization the red team should be situated
  • ...

Defining the mission – the devil's advocate

At a high level, one of the best ways to look at a red team is to consider it the devil's advocate. The vision is to ensure alternative views are considered and that stakeholders are held accountable. The program is there to provide reality checks at times of forming a consensus. This is done by demonstrating not just the theoretical but the real-world impact of exploiting weaknesses and informing the organization's risk management process and leadership.

In many ways, an offensive program fulfills a security testing function within the organization, a sometimes rare but much-needed function in the modern world of software engineering, full-stack development, and DevOps.

To run an effective internal offensive security program, a simple yet inspiring mission to help communicate the purpose and motivate the team is important. The mission should be about what is being done, there is no reason to dive into how something...

Getting leadership support

To run a successful red team program, it is critical to have active leadership support.

One of the big benefits of an offensive security program and red teaming generally is that they are there to keep everyone honest. Trust but verify. The support of the Chief Security Officer (CSO) is probably easy to get, but the support must be beyond that; it must include the other executive levels of the organization as well. This can't be stressed enough; if you do not have executive buy-in, the effectiveness and outcomes of the program will be limited. Getting long term buy-in might be achieved by using various strategies, including providing data and providing actual breach results, explaining how they impact the organization.

Convincing leadership with data

When looking at data, it is useful to look at the competitive landscape and analyze recent breaches that have occurred in the industry, and the associated impact they have had on organizations...

Locating a red team in the organization chart

Initially, I would not spend too much time thinking about where in the organization the offensive security team should be located. If you are just starting out, it's most likely that only one full-time person is tasked with offensive security work. The more critical part at that stage is to get executive sign-off and support to perform offensive testing and deliver results. The bias should be toward action at first and to demonstrate a positive impact. In some organizations, the program is entirely outsourced, and only logistics are driven internally, although typically the desire to build an internal team will grow.

A typical organization structure will probably put the offensive security team in either the defense and response part of the company or as a function of a Security Assurance team. I have also seen offensive security teams being put in legal and compliance areas of companies. A lot of this depends on the size and structure...

The road ahead for offensive security

When it comes to successfully managing an offensive security program, it's critical to define an overall roadmap that acts as a foundation and guidance going forward. Think of a high-level plan for the next two or three years. Most likely the program will grow organically if the initial investments are fruitful and the return on investment is made visible. This is what I have observed across different organizations that have implemented an internal offensive security program. In the beginning, start out small, and one or two years later it grows into an actual team of full-time employees. Overall, there are possibly two options initially. One is to build a program and a team from scratch, and the other one is to use already existing resources that can be leveraged.

Building a new program from scratch

If you are starting out from scratch it might seem rather intimidating, but it's also a great opportunity. The most likely scenario...

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Build, manage, and measure an offensive red team program
  • Leverage the homefield advantage to stay ahead of your adversaries
  • Understand core adversarial tactics and techniques, and protect pentesters and pentesting assets

Description

It's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security. The book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems. By the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.

Who is this book for?

This is one of the few detailed cybersecurity books for penetration testers, cybersecurity analysts, security leaders and strategists, as well as red team members and chief information security officers (CISOs) looking to secure their organizations from adversaries. The program management part of this book will also be useful for beginners in the cybersecurity domain. To get the most out of this book, some penetration testing experience, and software engineering and debugging skills are necessary.

What you will learn

  • Understand the risks associated with security breaches
  • Implement strategies for building an effective penetration testing team
  • Map out the homefield using knowledge graphs
  • Hunt credentials using indexing and other practical techniques
  • Gain blue team tooling insights to enhance your red team skills
  • Communicate results and influence decision makers with appropriate data

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Mar 31, 2020
Length: 524 pages
Edition : 1st
Language : English
ISBN-13 : 9781838825508
Category :
Concepts :
Tools :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Mar 31, 2020
Length: 524 pages
Edition : 1st
Language : English
ISBN-13 : 9781838825508
Category :
Concepts :
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Can$6 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Can$6 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total Can$ 195.97
Adversarial Tradecraft in Cybersecurity
Can$69.99
Privilege Escalation Techniques
Can$69.99
Cybersecurity Attacks – Red Team Strategies
Can$55.99
Total Can$ 195.97 Stars icon

Table of Contents

16 Chapters
Section 1: Embracing the Red Chevron down icon Chevron up icon
Chapter 1: Establishing an Offensive Security Program Chevron down icon Chevron up icon
Chapter 2: Managing an Offensive Security Team Chevron down icon Chevron up icon
Chapter 3: Measuring an Offensive Security Program Chevron down icon Chevron up icon
Chapter 4: Progressive Red Teaming Operations Chevron down icon Chevron up icon
Section 2: Tactics and Techniques Chevron down icon Chevron up icon
Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases Chevron down icon Chevron up icon
Chapter 6: Building a Comprehensive Knowledge Graph Chevron down icon Chevron up icon
Chapter 7: Hunting for Credentials Chevron down icon Chevron up icon
Chapter 8: Advanced Credential Hunting Chevron down icon Chevron up icon
Chapter 9: Powerful Automation Chevron down icon Chevron up icon
Chapter 10: Protecting the Pen Tester Chevron down icon Chevron up icon
Chapter 11: Traps, Deceptions, and Honeypots Chevron down icon Chevron up icon
Chapter 12: Blue Team Tactics for the Red Team Chevron down icon Chevron up icon
Assessments Chevron down icon Chevron up icon
Another Book You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8
(9 Ratings)
5 star 88.9%
4 star 0%
3 star 11.1%
2 star 0%
1 star 0%
Filter icon Filter
Top Reviews

Filter reviews by




Debosmit Ray Feb 03, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
In my opinion, this book should be useful for folks getting into red-teaming, to be more impactful in the companies in which they are working. Approaches like taking a data-driven approach to demonstrate impact, exploring alternative risk assessment techniques (eg: monte carlo simulation). I also thought the succinct way in which Johann explains building out attack graphs (mapping various data sources from different domains, and presenting them via a queryable interface) in the book, which feels palatable to both new and experienced people.Disclaimer: Author is my friend, and I have worked with him.
Amazon Verified review Amazon
Karimi Feb 10, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
An area I see often overlooked in red team books is strategic think. Johann focuses on this quite well. Any offensive security leader building a program from scratch or looking to optimize their processes should include this book in their library.This book strikes the right balance between technical areas of focus with program vision. There are great ideas outlined, ranging from building strong partner relationships, to better articulating business impact, to integrating a red team with engineering processes to help drive scalable changes. Johann suggests ways to visualize data using unique methods and also raises interesting ethical considerations. As I read through the book I found myself often saying "I've been in this exact situation." It's refreshing to hear how a seasoned red team leader handled those often frustrating predicaments.As an offensive security manager, I found this book immensely valuable as a sanity check for my team's processes and overall vison. It also helped identify gaps in areas I've overlooked. On the technical front, Johann provides good detail on some focused red team mission ideas which many operators can "replay", as they're commonly shared objectives across the tech industry.If you find yourself needing to build a red team program, looking to make your program more efficient, or simply to evaluate the value-add of having an in-house red team, this book will be an invaluable resource.
Amazon Verified review Amazon
Amazon Customer Jul 10, 2020
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The book is very enjoyable and well structured. The first section gives a good overview of the importance for a company of having an internal offensive security program. It approaches the difficult subjects of establishing, managing, and measuring the program from a management point of view. There are also few selling points of why a company should "embrace the Red", in case you need to convince management.The second section is more technical and gives tons of examples from real world scenarios flavored with plenty of code snippets and ready-to-use commands. I particularly enjoyed the chapter related to hardening redteamer machines from real adversaries with several tricks I was not aware about. If you are a navigated professional or a beginner who is approaching penetration testing and red teaming I highly recommend the book.
Amazon Verified review Amazon
Honest reviewer Oct 30, 2020
Full star icon Full star icon Full star icon Full star icon Full star icon 5
If you want to learn basics or want deepest insights from one of the experienced red team professionals, this is the book for you. I've worked with the author and its amazing to see their thought process work in form of a book. Highly recommend this book to cyber security professionals.
Amazon Verified review Amazon
juan cubillos Jan 26, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I don't finished to read yet, but in this moment the first items have very descriptions and real examples, I am build my personal lab to resolve the material. I like so much this book.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.