Building a Red Team Capability
Can a friendly company hacker exist? A growing number of companies see the advantage not only in simulated attacks but in indirectly testing their defense controls and their ability to detect attacks as well. Increase your value within your organization's security team by finding the gaps in your organization's cyber defenses and addressing them before nefarious parties attempt to break in. In Building a Red Team Capability, you'll discover strategies to test your organization's ability to detect cyberattacks and understand how to test an organization's defense controls.
No Mandatory Login Times
4-6 Hours of Work per Module
Your Subject Matter Expert:
Jeffrey Groman, CISSP
“If you've got the right skills and people in your security team already, they’re going to know your environment intimately. They know your technologies and applications, they understand what's going on in the network and they'll have some really good ideas for what they might want to red team against.”
This course is designed to introduce students to strategies to test an organization’s ability to detect cyberattacks. Learn how to conduct red team exercises, identify objectives and recognize methodologies for running a red team exercise, identify critical resources and frameworks that can be leveraged when running drills, and learn how cyber threat intelligence plays a role in red team exercises.
Module 1: What Is a Red Team and What Does It Do?
Differentiate red team from penetration testing. Describe the goals and objectives of a red team function and the key ingredients for making a red team effective.
Module 2: Building a Red Team Function
Weigh the pros and cons of insourcing versus outsourcing the red team function. Define the skills and tools that are needed to build a red team function. Describe where the red team fits within your security team.
Module 3: Red Team Versus Blue Team
Explain how the red team fits within your security team. Learn how to leverage the MITRE ATT&CK framework for the red team and blue team. Identify different ways of leveraging ATT&CK for red team exercises.
Module 4: Measuring Red Team Effectiveness
Explain how to use metrics to measure trends over time. Apply metrics to measure the effectiveness of red team exercises. Justify the investment of time and money in a red team, and convey its value to leadership using metrics. Evaluate sample metrics.
Jeffrey Groman, CISSP
Jeffrey Groman, founder of Groman Consulting Group, is dedicated to helping organizations identify and resolve their greatest cybersecurity risks. Mr. Groman has worked in the security field for more than 20 years. As a cybersecurity consultant, he has guided major corporations, including banks, insurance companies and software providers through risk prevention and rapid response to incidents and security breaches.
Mr. Groman is certified in forensic analysis and application security, and previously worked with Mandiant Security Consulting Services and FireEye, providing strategic and incident response consulting to security teams and educating executives through delivery of SOC assessments. In these roles, Mr. Groman led a team of consultants and functional experts in working with a wide range of clients across multiple verticals, including NYC Health and Hospitals, Blue Cross Blue Shield Association, Ameriprise Financial, American Express, Ally, Huntington National Bank, Eaton, Caterpillar, DST Systems, Sprint and TransAmerica.
Mr. Groman is passionate about cybersecurity and partnering with clients to find solutions to complex issues. His book “Avoid These 11 Pitfalls and Minimize the Pain of Your Next Data Breach” is designed to help organizations learn from his decades of real-world experience. He has presented at Information Systems Security Association (ISSA) International, NetSecure, and InfraGard conferences; briefed boards of directors; conducted tabletop exercises and workshops; and helped clients build security processes to be better prepared for the inevitable.
Mr. Groman has a BS in Electrical and Computer Engineering from the University of Colorado, Boulder.