Security BSides London 2019: The Imitation Game: emulating attackers

Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.

Doors to the main event open at 8.30am with talks starting at 9am on 5 June 2019
Workshops will be held on 4 June 2018 starting at 10am; Pre-registration is required

Please remember that Security BSides London has a strict code of conduct available here.

The Imitation Game: emulating attackers

How do you realistically emulate attacker behaviour? Whether you are testing your own defences, want to improve them or are investigating new attacker techniques, generating realistic adversarial behaviour is hard. The MITRE corporation released CALDERA last year, a very powerful (but underrated) attacker emulation tool. It allows you to implement your own attacker techniques and model attacker groups based on techniques they use. Using a clever, built-in decision planner, it will chain selected attacker techniques in order to execute a realistic end-to-end attack path. This talk looks at how you can turn new attacker techniques into CALDERA actions, how to chain them together and what that looks like in a controlled environment. Using LOLBins, webshells and Powershell weirdness, we'll look at how to do emulation right

Speakers

Wietze Beukema

PwC

Wietze has been hacking around with computers for years, and has specialised in Cyber Security at university. Originally from the Netherlands, he currently works for PwC in London. Part of his role in the Endpoint Threat Detection team is attacker emulation.

Wednesday June 5, 2019 09:45 - 10:30
Track 3 ILEC Conference Centre 47 Lillie Road London SW6 1UD

Track 3, Speaker

Security BSides London 2019

Sign up or log in to save this to your schedule and see who's attending!

Wietze Beukema

Twitter Feed