c0c0n 2021
Adversary Village

Hidayath Khan

Sr. Red Team Lead, Kimberly-Clark

Hidayath Khan is a seasoned industry veteran with dedicated InfoSec experience spanning more than two decades. “Khan” – as he is usually known in the Cybersecurity Industry is also a SANS Instructor and teaches SANS popular courses such as “Network Penetration Testing” & “Security Essentials” courses. Currently, Khan works as a ‘Sr. Red Team Lead’ for Kimberly-Clark – a fortune 50 organization based out of Bangalore, India. His previous experiences include working in senior cyber security roles for various organizations across Middle East including Emirates Airlines, Belgacom/Scanit, eHosting-Datafort & Sentelist. He has his CISSP, GCED, GCIH, GPEN, GSEC, GREM certifications and brings with him a wealth of knowledge and hands-on skills garnered from the trenches in various consulting assignments for a range of fortune 100 companies across the EMEA and APAC region.
His Expertise Includes: Red Teaming, Purple Teaming, Adversary Emulation, Network/Wireless/ERP/SAP Penetration Testing, Incident Handling & Response, Security Audits, Defense-in-depth, Defensible Network Architectures, CIS Controls Audit, Active Defense, Cyber Deception, Windows Security hardening & Unix Security hardening.
Khan is also an active contributor to the information security community and has published several articles in leading regional magazines such as Computer News Middle East, Network Middle East & Security Advisor Middle East. He is also a prominent speaker at various security conferences and has been involved with SANS Institute as a GIAC Advisory Board member and mentor since 2001.

Talk: Painting Your Organizations with Shades of Red, Blue & Purple

As the attacker's are upping the ante by conducting sophisticated cyber attacks, defenders need to keep pace to defend their organizations and protect their crown-jewels from such advanced attackers. In this presentation, we will be looking at discussing how organizations can ramp up the defenses by emulating the adversaries by integrating basic "Red, Blue and Purple" team techniques to fortify their security posture.