Topic: Converting threat actor campaigns to purple team exercises
Hosted by the AISA Melbourne Branch, join Fatih Ozavci, Security Researcher, for an online discussion on converting threat actor campaigns to purple team exercises using adversary simulations.

Larger organisations running adversary simulation exercises for a long time due to measuring cyber compromise risk, satisfying regulation requirements and improving organisation defence. However, security operations centres, threat management, incident response and other blue team squads need interactive simulations to understand the adversary behaviours.

In this presentation we will explore the best practices of designing efficient purple team exercises using adversary simulations. In this context, we will introduce a sample TA505+ adversary simulation project which can be used for Red and Purple team exercises against cutting edge systems. Finally, we will demonstrate the techniques and tools with the results against the fully updated systems.

Participants will have the opportunity at the end of the session to ask questions of the speaker via the Q&A Chat box. 

Speaker: Fatih Ozavci
Fatih Ozavci is a multidisciplinary security manager, engineer and researcher with two decades of experience on offensive and defensive security technologies. He has managed several international security assessment and research projects focused on various technologies including service provider networks, unified communications, application security and embedded systems. He shared his researches, tools, advisories and vulnerabilities in major security conferences such as Black Hat USA, DEF CON and HITB. Nowadays, he combines his skillsets to perform realistic adversary simulations and defence exercises for larger organisations. Fatih managed Red Team operations of 2 of Tier-1 Australian banks, and is studying Master of Cyber Security (Advanced Tradecraft) at University of New South Wales at Australian Defence Force Academy.

Register:

This webinar is free and only available to AISA Members, please click on the registration link below:
https://us02web.zoom.us/webinar/register/WN_6waBaPrpSryfSz4HEEORCg

Non AISA Members: If you would like to become an AISA member you can join here

For any queries regarding this event, please contact AISA Event & Sponsorship Manager, Susanna Palermo via email [email protected] or visit our website www.aisa.org.au

Date: Tuesday 1 December 2020

Time Zones:

• 12:30pm - 1:30pm AEDT (Canberra, Hobart, Melbourne & Sydney)
• 12:00pm - 1:00pm ACDT (Adelaide)
• 11:30am - 12:30pm AEST (Brisbane)
• 9:30am - 10:30am AWST (Perth)

Participate in the webinar:

• Once you have registered you will receive a confirmation email with the webinar registration link. Use this link and ensure you logon to the webinar at least 5 minutes prior to the start time
• You will require a strong and stable internet connection
• It is recommended you use a headset or headphones so you can hear the presentation
• A recording of the live session will be available for registrants after the event

AISA has evaluated the use of Zoom based on the Traffic Light Protocol which was facilitated for greater information sharing.  AISA webinars are considered TPL White as the information contains minimal or no foreseeable risk of misuse.  In addition AISA has evaluated the use of Zoom for this purpose as aligned to ACSC Web Conferencing Security, April 2020, see link at https://www.cyber.gov.au/publications/web-conferencing-security and has implemented controls to minimise risks. You are required to register for the webinar via the Zoom platform.  Please refer to the Zoom privacy policy here - https://zoom.us/privacy