March TASK - How to Plan a Purple Team Exercise / Compliant Operations in an aaS World
Wednesday 29-March-2017 // 6:00 - 9:00 PMMeeting Location: 55 John Street, TorontoRoom: #308/309 (Top of escalators)
MARCH TASK
This month we have Haydn Johnson hosting a session on how to plan a purple team exercise, and James Arlen discussing compliant operations in an aaS world.As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.Any questions email info@task.to. We look forward to seeing you there!
Speaker: Haydn JohnsonTopic: How to Plan a Purple Team ExerciseIn Purple Teaming is the idea of using a Red Team exercise with clear training objectives for the Blue Team.Great exercises should not just be focused on testing a product, they should also test your active Blue Team members and their skills. But how does one start to think about a Purple Team exercise, how does one go about running one and what does it look like?In this talk we will explain what, why and how, to plan an effective purple team exercise and give some examples. Most enterprise networks are Windows heavy so examples will heavily lean on this. Testing Assumptions, gaps, blind spots is what being proactive is all about. This talk is both for the console folks and non-console folks.
Speaker: James Arlen, Director, Risk Advisory Services at Leviathan Security GroupTopic: Compliant Operations in an aaS WorldMoving towards an entirely cloud-based information technology capability seems to be the end-game for many organizations both large and small. While this is an excellent response to managing complexity and capital expenditures, it doesn't relieve us of the requirement to operate our systems and software in a compliant fashion. When you're operating from multiple (I/P/S)aaS providers and no longer fully operating your own infrastructure, how do you build a management structure (people, process, and technology) to support your ability to report internally and to your customers on your overall compliance posture? How can you know what your actual security posture is?This session is built from years of practical experience in multiple fully public, hybrid, and fully private cloud enabled organizations (and if the stars align, will include practical demonstrations!).Meeting Location: 55 john Street, Toronto. Room: #308/309 (top of escalators)