SANS - SEC564: Red Team Exercises and Adversary Emulation
Jorge Orchilles | Duration: 4h+ | Video: H264 1280x720 | Audio: AAC 32 kHz mono | 512 MB | Language: English
In SEC564, you will learn how to plan and execute an end-to-end adversary emulation, including how to plan and build a red team program, leverage threat intelligence to map against adversary tactic, techniques, and procedures (TTPs), emulate those TTPs, report and analyze the results of red team exercises, and ultimately improve the overall security posture of the organization.
You will do all of this in a course-long exercise, in which we perform an adversary emulation against a target organization modeled on an enterprise environment. This environment includes Active Directory, email, web, and file servers, as well as endpoints running the latest operating systems. We will start by consuming cyber threat intelligence to identify and document an adversary that has the intent, opportunity, and capability to attack the target organization. You will discover the TTPs used by the adversary while creating an adversary emulation plan leveraging MITRE ATT&CK (Adversary Tactics, Techniques, and Common Knowledge).
We'll cover the planning phase of these exercises, showcasing various industry frameworks and methodologies for red teaming and adversary emulation. These frameworks are industry standards used by various regulatory bodies to ensure consistent and repeatable red team exercises.
Using strong planning and threat intelligence, students will follow the same unified kill chain as the adversaries to reach the same objective, from setting up attack infrastructure with command and control to emulating multiple TTPs mapped to MITRE ATT&CK.
The course concludes with exercise closure activities such as analyzing the response of the blue team (people and process), reporting, and remediation planning and retesting. Finally, you will learn how to show the value that red team exercises and adversary emulations bring to an organization. The main job of a red team is to make a blue team better. Offense informs defense and defense informs offense.
https://www.sans.org/cyber-security-courses/red-team-exercises-adversary-emulation/
http://nitroflare.com/view/942659DF91A76ED/SEC564.rar
https://rapidgator.net/file/8c98e4311fe0c47e39029b08888221a2/SEC564.rar.html
https://uploadgig.com/file/download/3e3743ab9a6755D4/SEC564.rar
https://dropapk.to/ypsdktjqim9u