Menu

DEF CON 29
Adversary Village
Speakers

Marc Smeets

Red Teamer, Outflank

Marc is from Infosec class 1999 (hobby) and 2006 (professionally). With a strong background in system and network engineering, he switched to pentesting in 2006. In 2016 he co-founded Outflank, a boutique red teaming and adversary simulation company in Amsterdam. He helps international customers on a daily base. Besides working for his clients, Marc spends his time making tools to optimise the red teamer's workflow, a.o. RedELK. Besides infosec, Marc is a great fan of fast cars and champagne.

Talk: Exploiting Blue Team OPSEC failures with RedELK

Blue teams and CERTs are increasingly better equipped and better trained. At the same time offensive infrastructures are increasingly diverse in components and growing in size. This makes it a lot harder for red teams to keep oversight but also a lot easier for blue teams to react on the traces that red teams leave behind. However, do blue teams really know what traces _they_ leave behind when doing their investigation and analyses? RedELK was created and open sourced to help red teams with these two goals: 1) make it easy to have operational oversight, 2) abuse blue team OPSEC failures. Come to this talk to learn about blue team detection and how RedELK can help you.

Recorded Live 📼