You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Understanding the illusion of control

All models are wrong, but some are useful is a famous quote by George Box, and it applies to measuring red teaming and offensive security engineering, in particular. It's good to have a model, perform analysis and attempt to measure and improve, but do not make the model its own goal. The goal is to improve the security and quality of products and services by reducing the overall risk and, at the same time, building a well-functioning team. Chasing a vague understanding of a maturity model and climbing its ladder might, in the end, be counterproductive, especially when it comes to red teaming.

A standard model might create the illusion of control and could therefore be misleading. Putting things into context is necessary. So, feel free to adjust, accept, or reject what works for your team and organization.

One of the most difficult tasks in red teaming is measuring the maturity of the program itself. There have certainly been stages...