NE HIMSS Premier Sponsored Webinar:

"Introduction to Automating Attacks and Validating Assumptions"  

Session Presented by Wolf and Company

 

 

Webinar date: March 26, 2024
Webinar time: 12pm EST

 

Security teams are often tasked with building a layered control environment through a defense-in-depth approach. Audit and compliance teams may even require these controls to align to a specific benchmark or framework. Unfortunately, the scenario often arises where these controls are only put to the test when a real attack occurs leading teams confused when responding to an incident. Assumptions are made by all business units about the operating effectiveness of the environment. Remember when we all relied on the perimeter firewall for security a decade ago? We now have the same problem with heavily relying on default configs within EDR’s. Business leaders may be lulled into thinking that these tools will prevent sophisticated attack chains by nation state adversaries and meanwhile get burned by lazy PowerShell tradecraft that goes undetected. These assumptions are rarely validated through active testing or standard day-to-day activity due to the complexities of a behavior or technique. From an auditing perspective, this is a critical hidden gap that creates a cyclical problem. We are maybe the only industry that provides technical solutions that still requires customers to continuously tune and validate they are working as intended. Although the controls may align to a specific need on paper, significant gaps go unnoticed allowing attackers to achieve their end objectives. A purple team/threat emulation exercise can help prevent this. However, most businesses are often unequipped to know where to begin. 

As an industry, we have pushed a lot of the responsibility on to managed service providers and vendors without fully understanding what we are signing up for. The need for defenders to understand offensive actions and capabilities has grown to be to ensure controls are working as intended. These types of assessments demonstrate a tools value to the business or create a case for the need of a specific investment. This session will introduce what the latest buzzwords mean such as Atomic Testing, Micro Emulation Plans, and Purple Teaming. With a common understanding, we will then demonstrate an example within a lab environment to execute an emulation plan to learn from offensive and defensive outcomes. 

Speaker

 

 

 

 

 

 

 

 

Alex Martirosyan,Senior Penetration Tester

Alex is a Senior Penetration Tester at Wolf’s IT Assurance Services group where he’s responsible for coordinating and conducting penetration testing services for clients in a variety of industries, including financial, healthcare, and software. His expertise consists of internal and external network penetration testing, threat emulation exercises, social engineering, vulnerability assessments, cloud security assessments, and Active Directory security reviews. Additionally, he has experience working with standards from the National Institute of Standards and Technology (NIST), the Center for Internet Security (CIS), and leveraging the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. Alex has over three years of experience performing security assessments and holds certifications from industry-recognized organizations such as Offensive Security and Global Information Assurance Certification (GIAC).