Many initiatives in application security are focused on blue team defenses and secure SDLC processes, but should offensive security, such as red teaming and pentesting, play a more active role in our strategy?
This is NOT a presentation by a distinguished speaker, but rather a topic-focused open discussion for all of us. No matter your experience level, join us to share your opinions, or just listen and learn!
In this session, we'll cover:
How we define offensive vs. defensive security
- The difference between blue, red, and purple teaming
- Should pentesting go beyond compliance?
- Should we all learn how to pentest?
We'll keep our focus on the topic, but there's no telling where the conversation will go. It's up to you to direct it through your questions and responses!
* We do not record our sessions and follow Chatham House Rules in order to protect the privacy, identities, and reputations of our participants while encouraging open and honest conversation.
Colorado = Security
Check out our resources in the navigation bar.