Overview
Explore the concept of hybrid security teams in enterprise environments through this 37-minute conference talk from BSides Nashville 2014. Learn about the challenges faced by one company and discover the importance of detection and prevention in blue team operations. Delve into security assessments, distinguishing between exercises and assessments, and understand the role of purple teams. Examine proactive protection strategies, threat modeling techniques, and the significance of story-based security. Participate in a tabletop exercise and gain insights on building an effective security program, including communication strategies and practical implementation steps.
Syllabus
Intro
One company's struggle
What?
Detect, Prevent
Blue Team - Detect
Blue Team - Prevent
Security Assessments
Exercise v. Assessment
Purple Team
Goals
Proactive Protection
Threat modeling
Choosing a model
Attack Paths
Story based Security
Tabletop
Exercises
Example
Let's Exercise
Combine Objectives
Building Your Program
Where to Start
Communication
Questions?