[Workshop Speakers]
Adversary Village at
DEF CON 32

Tyler Casey

Deputy of SCYTHE Labs

Tyler Casey is a seasoned Cyber Professional with over a decade of experience in Defensive Cyber Operations (DCO). Currently serving as Detection Engineer and Deputy at SCYTHE Labs, Tyler specializes in developing and implementing robust defensive cybersecurity measures to detect and mitigate evolving threats. Prior to joining SCYTHE, Tyler worked in DCO Operations for the U.S. Government, both as a Federal Civilian and Active-Duty Marine. During that tenure, Tyler deployed internationally in support of incident response and targeted threat hunting. Throughout his career, he has been dedicated to enhancing cyber defenses, ensuring the security of critical systems, and contributing to the broader cybersecurity community.

Hands-on workshop: Power To The Purple

Aug 11th 2024 | Adversary Village Area | Las Vegas Convention Center
Purple Team

The modern cybersecurity realm is no longer one where defenders can work in a vacuum and be successful. Conversely, many people are starting to lose faith in the value of penetration testing as a mechanism to measure their organizational security posture. A collaborative, milestone-driven approach, where Red and Blue teams operate in tandem, is necessary to proactively enhance the security of our organizations. This is where Purple Teaming comes into play. In this 2-hour hands-on workshop, you will be introduced to Purple Team Exercises and play the role of a Cyber Threat Intelligence analyst, Red Team operator, and Blue Team security analyst.
We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework (PTEF). This event will give participants a chance to test out new tools, techniques, and procedures learned during the workshop.

Key Takeaways:
  1. Learn the basics of Purple Teaming through the study of the PTEF.
  2. Set up and utilize Command and Control (C2) frameworks.
  3. Consume Cyber Threat Intelligence from a known adversary.
  4. Extract adversary behaviors/TTPs and map them to the MITRE ATT&CK framework.
  5. Play the Red Team by creating and executing adversary emulation plans.
  6. Emulate the adversary behaviors in a simulated organization to determine how it would stand up to the adversary.
  7. Play the role of the Blue Team to hunt for malicious behavior and Indicators of Compromise.
  8. Deploy and utilize popular defensive tooling such as Sysmon, log ingestors, and SIEMs to aid in threat hunting.
