- This session has passed.
Seeing Red: Improving Blue Teams Through Red Teaming
July 13, 2017 @ 10:20 am - 11:05 am
Red teaming gives your organization an opportunity to practice how you want to play in the event you’re faced with a real security incident. Maybe you are already doing it and want to compare notes or maybe you have only heard about it and want more details. This talk will discuss why organizations should consider red teaming, how red teaming can improve blue teams, practical considerations and lessons learned from the presenter’s own experiences.
People will come away with an understanding of what red teaming is, how it differs from other types of security assessment and should have enough understanding of the concepts that they could begin a red team/blue team program of their own and be able to avoid some of the difficult lessons learned during these kinds of engagements at Microsoft. In addition, the lessons learned will share some practical techniques for running security incident response and for improving security operations.