Adversary Emulation and Red Team Exercises

On Demand
Session Type: Virtual
Delivery Format: On Demand

Adversary emulation is a type of ethical hacking engagement where the red team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs) against a target organization. The goal of these engagements is to train and improve people, process, and technology, in contrast to a penetration test that focuses on testing technology and preventive controls. Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage cyberthreat intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization. Adversary emulations may be performed in a blind manner (red team engagement) or nonblind (purple team), with the blue team having full knowledge of the engagement. This webinar will teach you to plan and execute a high-value adversary emulation in a blind red team engagement or as a purple team (in collaboration with the defenders/blue team).

Outcomes: Learn how to consume threat intelligence for adversary emulation * Learn how to plan and execute red team exercises * Learn how to demonstrate value by recording and improving metrics for detection and response


  • Jorge Orchilles

    Instructor and Author, The Escal Institute for Advanced Technologies Inc/dba SANS Institute