https://systemoverlord.com/tags/bsides-seattle.htmlRecent content in BSides Seattle on System OverlordHugoen-usdavid@systemoverlord.com (David Tomaschik)david@systemoverlord.com (David Tomaschik)Sat, 20 Feb 2016 00:00:00 +0000https://systemoverlord.com/2016/02/20/bsides-seattle.htmlSat, 20 Feb 2016 00:00:00 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2016/02/20/bsides-seattle.html<p>These are just (essentially) my raw notes dumped from the talks I attended at BSides Seattle (2015-ish). Unfortunate I developed a migraine so I only caught the morning talks.</p> <h3 id="active-directory">Active Directory</h3> <ul> <li>Use scripts to dump AD</li> <li>Use scripts to sync with 3rd party providers</li> <li>Lots of story, not much technical depth</li> </ul> <h3 id="red-team">Red Team</h3> <ul> <li> <p>Presenter: Sean Malone, FusionX</p> </li> <li> <p>Types of Security Assessment</p> <ul> <li>Vulnerability Assessment <ul> <li>Find vulnerability</li> <li>Limited Scope</li> <li>Broad &amp; Shallow</li> <li>Cooperates with SecOps</li> </ul> </li> <li>Pentesting <ul> <li>Achieve Technical Compromise/Domain Admin</li> <li>Moderate Depth</li> <li>Techniques include Network, Application Assessment</li> </ul> </li> <li>Red Team <ul> <li>Narrow Scope</li> <li>Whole Enterprise is In Scope</li> <li>Techniques include Social, Physical, Technical</li> <li>RT Objectives <ul> <li>Simulate Sophisticated Adversary</li> <li>Achieve &ldquo;Nightmare Scenario&rdquo; without detection</li> </ul> </li> <li>Client Objectives <ul> <li>Understand resiliency</li> <li>Risk reduction, not just vulnerability count</li> </ul> </li> </ul> </li> </ul> </li> <li> <p>Effective Red Teams</p>