So, you want to be a Red Teamer, but you can’t get into it because you’re not a big enough name, or you lack the opportunities and experience to develop the skill-set? It’s extremely hard to develop your red teaming skills without access to legitimate work within this sphere (or legal, at least!). The skills are advanced and require hours spent in enterprise environments honing your tradecraft, but access to this world can be a chicken and the egg situation.
In this talk, we discuss the skill differences between pen testing and red teaming and how to break into a red team. We approach the topic from both a career / tactical angle as well as how to close the upskilling gap. We introduce a new open source lab (Fortis), which provides a new approach to simulating user interactions (using unique ‘Digital People’) to help you develop the right skillsets without going out-of-scope and staying on the right side of the law.