You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Performing tabletop exercises

Covering how to run a tabletop exercise is beyond the scope of this book. However, think of it as an exercise on paper and role playing without the actual operational activities being performed. Since time with the executives of an organization is usually quite limited, a proper scenario can help a lot to guide everyone through scenarios such as threat analysis, escalation, response decisions, and remediation flow. Let's go over some ideas for tabletop exercises. Some of them are also scenarios that would be impossible to perform as a real-world emulation.

As we mentioned previously, there are red teaming scenarios that are too complex or expensive to perform and some are legally off limits. Such scenarios often entertain more strategic and analytical aspects that are best explored on paper and go beyond typical cyber operational red teaming engagements.

Here are some examples of possible tabletop exercises: