Archive for Cyber Defense

Red Teaming Usage for Assessing Information Security

Posted in Cyber Defense with tags , , , on December 23, 2010 by stormsecurity

Red Teaming of information systems is an advanced form of assessment performed by a team of highly skilled penetration testers and security specialists.

Considerations about Red Teaming Usage in Assessing Information Assurance is an article that I have recently written and presented to SECITC 2010 security conferece. Please find below the abstract and table of contents which should increase your interest for reading it.

Abstract: Red Teaming is an advanced form of assessment that models and simulates adversary actions with the overall purpose of discovering target’s weaknesses and improving its defenses. Also known as ethical hacking, penetration testing or security assessment, Red Teaming of information systems offers reliable information about the effectiveness of defense mechanisms implemented. The paper presents the Red Teaming process from both perspectives: the client and the assessor, covering various aspects like: motivation, assessment types, client benefits, client risks, assessment planning, team organization, attack preparation, execution and reporting.

Contents:

  1. Introduction
  2. What is Red Teaming?
  3. Red Teaming assessment from the client’s perspective
    • Why should an organization use a Red Teaming assessment?
    • When is the best time to use a Red Teaming assessment?
    • What are the benefits for the client?
    • What are the risks for the client?
    • What type of assessment should be chosen?
    • Who can be the target?
  4. Red Teaming assessment from the provider’s perspective
    • Define assessment objectives
    • Assemble the Red Team
    • Reverse engineer the target
    • Create and validate attack trees
    • Assign Red Team members to attacks
    • Prepare tools and methods
    • Perform collaborative attacks
    • Create the report
    • Explain report to client
  5. Conclusions
Advertisements

Guide For Designing Cyber Security Exercises

Posted in Cyber Defense with tags , , , , on January 26, 2010 by stormsecurity

Here is an article that I’ve recently published at the Information Security and Privacy WSEAS International Conference – December 2009.

 Abstract: – Cyber security exercises are a very effective way of learning the practical aspects of information security. But designing such exercises is not an easy task and requires the work of several people. This paper presents a number of steps and guidelines that should be followed when designing a new cyber security exercise. The steps include: defining the objectives, choosing an approach, designing network topology, creating a scenario, establishing a set of rules, choosing appropriate metrics and learning lessons. The intended audience of this paper is persons who are in charge with design and organization of a new cyber security exercise and do not have the experience of previous exercises.

Key-Words: – cyber security exercise, cyber defense exercise, security education, design guide

If any questions, feel free to contact me.