This page is fully or partially automatically translated.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment

Forums it-sa Expo Knowledge Forum E

WBRT® - White Box Red Teaming

With WBRT®, an infrastructure can be examined from an attacker's point of view without risk. Advantage and benefit are presented.

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

Please log in or register in advance so that you can take part in actions or watch the action videos!

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. Please login or register to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Tue, 25.10.2022, 13:30 - 13:45

event_available On site

Action Video

south_east

Action description

south_east

Speaker

south_east

Product

south_east

Themes

Data security / DLP / Know-how protection Governance, Riskmanagement and Compliance Network Security / Patch Management

Organizer

secuvera GmbH

Event

This action is part of the event Forums it-sa Expo

Action Video

Action description

WBRT® - White Box Red Teaming is an innovative approach to overcome the limitations of penetration testing without taking the risks of classic red teaming.

In a penetration test, an attacker scenario is defined, usually by the organization being tested. At a minimum, an attacker scenario consists of:

Attack target (e.g., the new web store).
Methodology (e.g., checking the application server via a vulnerability scan or checking the web store via an application scan)
Authorization scenario (e.g. customer of the store, but not administrator)

Red Teaming involves defining a content objective, such as taking control of a control system. The Red Team usually comes from the outside as an attacker and is free to choose its attack targets and methodology. The goal here is to find out if the Blue Team, i.e. the defense, can detect and repel the attacks. Since the attacks are unannounced and take place over a long period of time, the Blue Team must be active around the clock.

Red Teaming therefore has - in contrast to penetration testing - the great charm of looking at an organization as a whole and not at individual systems, networks or applications in isolation.

However, real Red Teaming also has the inherent disadvantage of incalculable risks. For example, due to the necessary lack of knowledge about the criticality of a target system in the scenario, processes relevant to the company can be disrupted. In addition, the effort and thus the costs are very high.

The WBRT® - White Box Red Teaming approach uses the openness of the Red Teaming approach without incurring risks or extreme costs. Likewise, a Blue Team is not mandatory. The process is simplified in the following:

* Definition of the "Holy Grail": The target organization provides the content specification of what is to be achieved, e.g., control of a control system in production.* Research phase (Open Source Intelligence, OSINT): In this optional step, the organization is reconnoitered in advance. The goal is to research as much as possible about potential attack surfaces and reconcile the results with the internal state of knowledge. For example, there are always test servers or marketing campaigns that are still active, either unknown or by mistake.
* White Box Red Teaming Workshop: The workshop takes place with a comparatively large group of participants from the target organization. All relevant technical contacts, such as network administrators, server and client administrators, and possibly also other experts such as SAP specialists, are represented. In the workshop, attack scenarios designed by the external Red Team are jointly discussed and documented.
* Next steps: In most cases, the white box red teaming results in a sufficient number of optimization steps that a catalog of measures is first defined and implemented by the target organization. In some cases, attack options are also derived, where a real implementation is considered to provide insight. ... read more

Language: German

Questions and Answers: No