Trying something for yourself is always a much better learning experience than just reading about it. With that in mind, we recently hosted a Red-Blue team event at ExtraHop headquarters in Seattle where IT professionals had an opportunity to attack and defend a network. Our partner CompuNet brought their Red-Blue team set up, which included an impressive rack of networked servers and an ExtraHop Reveal(x) deployment.
The Red team stepped through an attack playbook, scanning an environment and running exploits to gain control over systems. The Blue team used Reveal(x) to identify and observe what the attackers were doing in real time. The goal was to help all participants understand how attackers pursue their goals so that they can take common-sense defensive actions in their real-world environments.
Watch the two-minute video below to hear from the organizers and participants: