Adversary Sandbox at RSA Conference 2023 will have technical talks, live demos, Adversary Wars CTF, Adversary Simulator and Purple team booth, panel discussions and other hands-on activities on adversary simulation, emulation and purple teaming.
The Adversary Sandbox will have technical talks and panel discussions participating industry leaders focused on Purple teaming, adversary simulation and the trends in adversarial tradecraft.
Ransomware campaigns and state sponsored threat actors mutate quickly which is evolving defense mechanisms, thereby forcing organizations to invest more in cybersecurity. This session will discuss how organizations can use adversary simulation and purple teaming to build a more effective security program and increase security ROI.
Adversary Village will be hosting a hands-on initiative named Adversary Simulator and Purple Team booth. Adversary Simulator booth will have hands-on adversary emulation plans specific to a wide variety of threat-actors - ransomware, these are meant to provide the participant/visitor with a better understanding of the Adversary tactics.
This is a volunteer assisted activity where anyone, both management and technical folks can come-in and experience different categories of simulation, emulation and purple scenarios. Adversary Simulator booth will be having a lab environment focused on recreating enterprise infrastructure, aimed at simulation and emulating various adversaries. The booth visitors will be able to view, simulate and control various TTPs used by adversaries. The simulator is meant to be a learning experience, irrespective of whether one is hands-on with highly sophisticated attack tactics or from the management.
We very often focus on the technical execution of adversary emulation, but must also not forget to highlight the broader “so what?” relative to the business. In this talk we will explore various examples of using adversary emulation to identify and deliver impactful business outcomes. Jamie is an adversary emulation engineer for The MITRE Corporation where he works with amazing people on various exciting efforts involving security operations and research, mostly focused on adversary emulation and behavior-based detections. He leads the development of MITRE ATT&CK® for Enterprise and has also led teams that help shape and deliver the “adversary-touch” within MITRE Engenuity ATT&CK Evaluations as well as the Center for Threat-Informed Defense (CTID).
Adversary Adventure is a Choose-Your-Own-Adventure model interactive game, where everyone can participate, choose the various activities of an adversary, post exploitation. The Viking symbol Vegvisir was believed to be a guide helping the carrier to find their way back! The vikings believed that the symbol could help a person find the right path in case of bad weather or storms, regardless of the environment they encounter. Lets hope Vegvisir can guide you through the each challenges in the Adversray Adventure Game.
Adversary Village
Phillip Wylie
Mike Cunningham, R&D Program manager at MITRE Engenuity CTID
Michael B Kouremetis, Caldera Lead at MITRE
Abhijith B R
Jason Haddix, CISO at BuddoBot
Adversary Village
Phillip Wylie
Mike Cunningham, R&D Program manager at MITRE Engenuity CTID
Michael B Kouremetis, Caldera Lead at MITRE
Abhijith B R
Jason Haddix, CISO at BudoBot
This is a CTF like technical hands-on activity for hackers and offensive security professionals. There would be a cyber range which is an exact replica of a target organization. The participants need to perform a wide variety of attack tactics like initial access-to-data exfiltration in the environment to locate the hidden flags and complete the cyber range exercises. The difficulty level of the cyber range would be easy to medium.
Gold Sponsors