Loading…
Welcome to Bsides Seattle 2020
Back To Schedule
Saturday, October 17 • 11:00am - 11:55am
Red Team Handcuffs

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Microsoft Red Teams try and emulate attackers as much as possible with how we do our activities, aiming to provide our respective Blue Teams with an adversary that emulates a real attacker well enough to earn a name on our periodic table.

For the most part this is achievable, however there are some tactics and techniques that attackers can do (and do use) that CDG SERPENT has challenges emulating. We will share what these attacks and challenges are, how we work around them, and what we are considering doing for the future. This will cover items like:
- Supply chain attacks that include a third-party compromise
- Compromises where the blast radius cannot be controlled
- Product compromises that would reach public consumers
- Attacks that would cause an extended service outage
- Etc.

This talk will offer specific examples of each type of attack that we wanted to do from the public space and how we replicated (or attempted to replicate) that attack internally. We will explain our thought process, how we made decisions, and what trade-offs we had to accept in the end to achieve our goals.

Speakers
avatar for Caleb McGary

Caleb McGary

Senior Software Security Engineer, Microsoft
I\'m a member of the SERPENT Red Team at Microsoft servicing EDG (Edge, Devices, and Gaming). I enjoy coding, astronomy, and building new things.


Saturday October 17, 2020 11:00am - 11:55am PDT
Track A