Towards Improving APT Mitigation: A Case for Counter-APT Red Teaming
Abstract:
Vulnerabilities leveraged by Advanced Persistent Threats (APTs) that ultimately allow them to gain access to critical data and unveil private information are often far removed from the portions of the security environment where initial access is gained. This paper presents a defensible scholarly decomposition of the red-team process itself and discusses how traditional red-team assessments may not be the most effective solution for emulating APT threats and mitigating their impacts. Counter-APT red teaming (CAPTR teaming) is presented as a novel red-teaming process for addressing such shortcomings of current well-known red-team practices.
AUTHORS
Towson University, Towson, United States
Dr. J.G. Oakley was one of the founding members of Marine Corps Forces Cyberspace Command’s operational arm. He left that unit as the senior Marine Corps operator and technical lead. After his enlistment he wrote and taught an advanced cyber operations course for the Department of Defense and eventually returned to mission support as a network exploitation analyst. He has also conducted threat emulation and persistent red teaming in the private sector as the principal penetration tester for a private firm, ultimately becoming the deputy director in charge of offensive security operations. Currently he serves as a cyber subject matter expert for a government customer. He is the author of the books Professional Red Teaming and Waging Cyber War.
Published In
Journal of Information Warfare