DevBlue: Applying Software Engineering Practices to Blue Teaming for the Win! - SANS Blue Team Summit

Video Link: https://www.youtube.com/watch?v=H3bsVOlGZfg



Duration: 35:15


Have you wondered what happens when you get world-class devs and blue team experts on the same team? Meet DevBlue! In this talk, Lucia and Ismael will share lessons learned in a journey where devs and blue teamers have worked together to create an endpoint detection and response (EDR) product. But please keep reading: this is not a product talk! Rather, through the use of practical examples, we want to show you how proven software engineering practices can help you methodically grow your detection capabilities in weekly increments.

In particular, we will cover how to set up and manage an engineering blue team (a.k.a. DevBlue) to apply practices such as issue tracking, peer review, unit testing, automated red team testing, continuous delivery, operational intelligence mining, post-exploitation tools, purple teaming, and security posture measurement using the MITRE ATT&CK matrix as a reference.

Lucia Coppes, EDR Software Engineer, McAfee

Ismael Valenzuela @aboutsecurity, Principal Engineer, McAfee; Certified Instructor, SANS Institute



