This talk discusses the homefield advantage of an internal security team and how to use the MITRE ATT&CK framework in relation to the modern and mobile workplace. We will highlight how a red teaming mindset can help improve the security posture of your organization. Additionally, the talk will highlight the survivorship bias mentality and how to improve your red teaming by being aware of it.
Johann has over eighteen years of experience in threat analysis, threat modeling, risk management, penetration testing, and red teaming. As part of his many years at Microsoft, Johann established an offensive security team in Azure Data and led the program as Principal Security Engineering Manager for years. He also built out a red team at Uber and currently works as an independent security and software engineer. He enjoys providing training and was an instructor for ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK framework (Pass those Cookies!), published a book on how to build and manage a red team, enjoys hacking machine learning systems and holds a master’s in computer security from the University of Liverpool. For latest updates and information visit his blog at embracethered.com