Challenges in Control Validation
2022-08-13, 15:00–16:00 (US/Pacific), Main Stage (In-person)

Testing security controls is hard. Really hard. Every incident responder has lived with victims who are sure existing security controls should have prevented or detected the intrusion. While some organizations don’t do any security control validation, those that do understand the challenges. While red team operations allow for point-in-time validation, how are organizations dealing with control validations during product updates or configuration changes? By and large the answer is “they aren’t.” On this panel, we’ll discuss why control validation is difficult. Then we’ll discuss recommendations for scaling control validation operations in practically any organization.

Sample panel questions may include:
How is control validation different from red teaming?
Isn’t control validation just purple teaming? (it’s not)
How do you recommend my organization starts its first control validation exercise?
What’s you #1 recommendation for maturing a control validation program?
What are methods for scaling control validation programs?
How much validation is too much? When is the cost no longer justified?

Jake Williams is the Executive Director of Cyber Threat Intelligence at SCYTHE. Williams is an IANS Faculty Member and also works as a SANS Analyst. He is a prolific speaker on topics in information security and has trained thousands of people on incident response, red team operations, reverse engineering, cyber threat intelligence, and other information security topics. Jake is the two time winner of the DC3 Digital Forensics Challenge, a recipient of the DoD Exceptional Civilian Service Award, and is one of only a handful of people to ever be certified as Master Network Exploitation Operator by the US Government.

Alissa Torres is passionate about security operations and empowering analysts to succeed in blue team ops. Her professional experience in various security roles over her career includes forensic investigations, enterprise incident response and threat hunting, security services consulting, and incident response management. Alissa currently serves as Senior Threat Hunter at Palo Alto Networks. Having taught as principal faculty for several pivotal cybersecurity training institutions over the last decade, Alissa has engaged hundreds of skilled professionals around the world, growing a legion of artifact hunters who share a common affinity for adversary tracking.

This speaker also appears in:

Kristen is a Cyber Threat Intelligence Analyst at SCYTHE. Prior to joining the herd she worked for the United States Department of the Army in various roles ranging from network and system administration to vulnerability management and cyber compliance. She has a penchant for solving technical puzzles, leaping from perfectly good airplanes (or cliffs), and finding the best local hole-in-the-wall restaurants. If you want to talk about foreign travel, sports nutrition, or why Episodes 4-6 are the only Star Wars movies that matter, she's your girl!