Tim Schulz - Automating Adaptive Adversaries

As organizations continue to integrate and scale with new levels of technology stacks and IT infrastructure, security testing leveraging the latest adversary behaviors has been slow to keep up. The field of security practitioners has heavily relied on individual expertise to tackle this scaling challenge over the past decade. Ransomware groups and other threat actors have continued to adapt with new tactics, techniques, and procedures as the profitability of cyber crime continues to provide adversaries with significant resources. These destructive groups have brought the discussion of cybersecurity to every business and individual's front door, so why does such a scaling gap for security testing still exist? The resource shift has caused a massive imbalance for defenders, especially those that rely on individual expertise since it cannot scale well by itself. Automation of adversary behaviors is increasingly important for organizations to understand how their security posture will fare against the latest adversaries. This talk will take attendees through a story of information security challenges with adversary automation, scaling, and present a path forward. Audiences can expect to walk away with a broader understanding of the challenges of adversary automation, where to evaluate risk with automation, and how we as testers can communicate the nuances of automation in our workflows with customers and clients.