Thinking like an adversary

Having an understanding of who the adversary is and how it might exploit weaknesses and security vulnerabilities will make any organization better prepared.

Rather than just reacting to a security event, organizations should implement a new posture, one based on the red team mindset: be proactive, think what an attacker can exploit, and stay two or three moves ahead of him. Prepare and establish detection and deception measures. Make a future attack harder.

If one has enough visibility into what an adversary might do, their TTPs (tactics techniques and procedures) and motives, a much better overall security defense posture can be set, a better plan with various degrees of contingencies can be prepared and when a new challenge presents itself, the whole organization is better suited to deal with it.

Using red teams to track criminals

The fun house - Part 1