Cybersecurity Attacks – Red Team Strategies

5 (1 reviews total)
By Johann Rehberger
    Advance your knowledge in tech with a Packt subscription

  • Instant online access to over 7,500+ books and videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Section 1: Embracing the Red

About this book

It's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security.

The book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems.

By the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.

Publication date:
March 2020


Section 1: Embracing the Red

An organization must be ready to detect and respond to security events and breaches effectively. Preventive measures alone are not enough to deal with adversaries. An organization needs to create a well-rounded prevention, detection, and response program.

Establishing an offensive security program can help improve the security posture of your organization and identify weaknesses in prevention, detection, and response to security incidents.

In the first part of this book, we will discuss establishing, managing, and measuring an internal offensive security program. This part is en titled Embracing the Red to highlight the importance of having dedicated testing efforts in place and building and encouraging a culture of transparency when it comes to identifying and discussing security challenges and weaknesses within an organization. We will dive into details, learnings, and organizational challenges on how to build, manage, and measure an internal offensive security program.

One of the benefits an internal offensive security team can provide compared to a real-world adversary is that of Homefield Advantage and the collaboration between all stakeholders to demonstrate the immediate benefits of improving the security posture of the organization.

Furthermore, we will explore progressive red team operations, such as crypto jacking, dedicated operations to identify privacy violation, pen testing the pen testers, and much more.

This part comprises the following chapters:

  • Chapter 1, Establishing an Offensive Security Program
  • Chapter 2, Managing an Offensive Security Team
  • Chapter 3, Measuring an Offensive Security Program
  • Chapter 4, Progressive Red Teaming Operations

About the Author

  • Johann Rehberger

    Johann Rehberger has over fifteen years of experience in threat analysis, threat modeling, risk management, penetration testing, and red teaming. As part of his many years at Microsoft, Johann established a penetration test team in Azure Data and led the program as Principal Security Engineering Manager. Recently, he built out a red team at Uber and currently works as an independent security and software engineer. Johann is well versed in analysis, design, implementation, and testing of software systems. Additionally, he enjoys providing training and was an instructor for ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK framework and holds a master's in computer security from the University of Liverpool.

    Browse publications by this author

Latest Reviews

(1 reviews total)
muy buena experiencia de compra

Recommended For You

Book Title
Unlock this book and the full library for FREE
Start free trial