How Can Continuous Automated Red Teaming Provide Scalability and Better Insights?

Subin Thayyile Kandy

 

Date: February 24, 2022
Time: 7.30 p.m IST
Topic: How Can Continuous Automated Red Teaming Provide Scalability and Better Insights?

Watch Now

Abstract:

With the emergence of such concerns as new attack vectors, advanced technologies, and rapid digitization, the cyberthreat landscape is rapidly evolving. Organizations need to identify their attack surfaces to mitigate cyber risks and strengthen their cybersecurity posture. Most organizations rely on red teams to assess a company’s security and conduct tests based on real-world scenarios to identify attack surfaces. Ethical hackers perform realistic, goal-based, simulated cyberattacks to find security gaps in organizational assets. However, red teaming assessments can be tedious and time-consuming, as they involve multiple tools and manual effort. Because red teams can usually test only a small segment of organizational assets, their work can be costly. Organizations need automated red team testing to stay ahead of cyberthreats and nip security issues in the bud.

Continuous automated red teaming (CART) facilitates the automation of red teaming operations to achieve greater visibility on attack surfaces with continuous penetration testing. CART is equipped to automatically discover the attack surface, launch multi-stage attacks, and enable continuous penetration testing. It is a simulation-based concept that augments penetration testing using evolutionary algorithms, parallel computing, and modeling and simulation techniques.

This webinar focuses on how adopting the continuous automated red teaming framework is beneficial for organizations to mitigate cyberattacks.

Key takeaways:

  • Advantages of adopting CART
  • Continuous automated red teaming framework
  • Components of a CART solution
  • Cyber kill chain and Mitre ATT&CK compliance

Speaker:

Subin Thayyile Kandy Subin Thayyile Kandy, Senior Product Security Engineer, Salesforce

Bio: Subin Thayyile Kandy is a seasoned security professional with more than 17 years of experience in application security and offensive security. His educational achievements include certifications such as C|EH and GIAC (GSSP .NET, GWAPT, GPEN, GMOB, GXPN). Subin is a Senior Product Security Engineer at Salesforce and has worked for Barclays, Verizon, and Capital One as a penetration tester and application security engineer.

*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)


Share this post

Recent Posts

INQUIRE NOW

Related Posts

Are you looking to pursue a career in cybersecurity?

Unlock Your Cyber Security Potential at EC-Council University