Abstract image of a woman sitting on books and studying on a laptop

Red Team Framework

👀 Joe Gray

The document discusses the limitations and challenges of traditional penetration testing and red team engagements, highlighting the need for a new framework to better simulate adversarial conditions and measure security metrics that matter. It details a structured approach for red teaming and purple teaming processes, emphasizing objectives, threat identification, execution, and measurement phases. Additionally, it outlines upcoming speaking engagements and training opportunities for the authors, Adrian Sanabria and Joe Gray.

1 of 31
Red Team Framework Adrian Sanabria Joe Gray
About Adrian Defender - 9 years Financial Services Consultant - 5 years Pen Testing, PCI Industry Analyst - 4 years 451 Research Research, Vendor Strategy - 2 years Savage Security, Threatcare, NopSec, Thinkst @sawaba
• Senior Security Architect • 2017 DerbyCon Social Engineering Capture the Flag (SECTF) winner • On 3rd Place Team at 2018 & 2019 NOLACon OSINT CTF (Password Inspection Agency) • On 2nd Place Team at 2019 BSides OSINT CTF (Password Inspection Agency) • Served in the US Navy, Navigating Submarines • CISSP-ISSMP, GSNA, GCIH, OSWP • Forbes Contributor • Currently Authoring Social Engineering and OSINT Book, Securing the Human Element with No Starch Press • Maintained blog and podcast at https://advancedpersistentsecurity.net • Just started offering OSINT training (OSINTion; formerly OSINT Associates) About Joe
Why Create a New Framework? What do these words mean to you? Red Team Purple Team Pen Testing Vuln Assessment WebApp Assessment
What’s wrong with pen testing/red teaming? ● The design is flawed and can’t fulfill expectations ○ Not an indicator of an organization’s risk ○ Doesn’t simulate adversaries ○ Tries to prove/disprove a persistent negative ● The execution is inefficient; lots of room for improvement ○ Consulting industry ‘cash cow’ – why change? ○ Lack of automation; process improvement; feedback loops ○ Better alternatives are sold as ‘advanced’, to more mature orgs ● It isn’t what clients need to improve
Pen Test vs Red Team Engagement Pen Test • Pwnage based • Largely for compliance • Incorrectly helps management sleep better (digital melatonin) Red Team • Objective based • Emulates a specific actor or TTP • Seeks to measure various metrics that actually matter (Penetration capability, detection, etc)
Myth #1 Penetration tests are accurate measurements of an organization’s security
Myth #2 Penetration testing emulates adversarial behavior
Myth #3 Penetration tests serve no purpose in a mature organization’s environment
Myth #4 Penetration testing is synonymous with red teaming
Myth #5 Black box testing is the most comprehensive method of applied security testing
Red Teaming Process Scoping ID the Threat Model Baseline Security Rescoping Learning Execution Measurement Debriefing Retesting Purple Team
Scoping • Define the objective(s) • Define success • Scope the following: • Time • Money • Number of systems • Rules of Engagement • IOCs/TTPs to utilize
Identification of Threat Model • Based on several variables • Client base • Geographic Location • Line of business • Government affiliations • Sector/Industry
Baseline Security Model • Are you tall enough to ride the proverbial ride? • Frameworks like Centre for Internet Security Critical Security Controls • Minimum of the Top 5 • Vulnerability Management • Previous Testing • DFIR/Monitoring Capabilities? • NIST SP 800-53
Rescoping • Refine the objective(s) • Focus the scope the following: • Time (time frame and allocated hours to complete) • Money • Refine Number of systems (likely a lower number than in scoping) • Rules of Engagement • Social Engineering, Web, Exploit Development • IOCs/TTPs to utilize • Potentially solicit input from an ISAC
Learning • “Simulated Dwell Time” • Access to and/or data from: • SEIM • Previous Reports • PCAPs, Netflow, other monitoring tools • Diagrams • Configurations • Interviews
Execution • Reference technical frameworks: • Pen Test Execution Standard • Social Engineering Framework • Mitre ATT&CK
Measurement • I see you, do you see me? • Data points: • Time to detect • Quality of report • Accuracy of the report • Actions taken • Efficacy of actions taken
Debriefing • Presentation including: • TTPs • Findings • Statistics from Measurement Phase • Recommended Actions • Qualitative Score
Retesting • Allow the organization to retrain, adjust, and retry
Purple Teaming • Similar to retesting, but the adversary is in the room/in communication with the defensive team • Allows the adversaries to allow detection attempts or announce actions to teach detections • More efficient that turning the noise up or Thunderstrucking or Rick Rolling
Supporting Frameworks ● Pen Test Execution Standard ○ http://www.pentest-standard.org/index.php/Main_Page ● Social Engineering Framework ○ https://www.social-engineer.org/framework/general-discussion/ ● Mitre ATT&CK ○ https://attack.mitre.org/ ● NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment) ○ https://csrc.nist.gov/publications/detail/sp/800-115/final ● More here: https://www.owasp.org/index.php/Penetration_testing_methodologies#Technical_Guide_to_Information_Security_Testing_and_Asses sment_.28NIST800-115.29
Joe’s Upcoming Speaking Engagements • 9/26-27: DefendCon (Seattle) • 10/10-11: HackerHalted (Atlanta, GA) • 10/22: Wild West Hackin Fest
Adrian’s Upcoming Speaking Engagements Virus Bulletin 2019 in London: Closing Keynote with Haroon Meer
Upcoming OSINT Training Opportunities • In-Person •All with details TBD (unless otherwise noted): • Louisville (around the time of DerbyCon • Atlanta (around the time of HackerHalted) • Maybe Dallas, Philadelphia, and Boston in 2019 •Online: • More upcoming, watch Twitter and LinkedIn
Hacker Halted 2019 • October 10-11 • Atlanta, GA USA • Free Admission • Coupon Code: Joe100 or https://hackerhalted2019.eventbrite.com?discount=Joe100 • Discount on Training • Coupon Code: JJHHTRN (15% off training) • Register at: - https://hackerhalted2019.eventbrite.com
Recon-ng Training • August 29 • 6-8 PM (Eastern Time) • Coupon Code: 13BSIDESLV37 • August 31 • 1-3 PM (Eastern Time) • Coupon Code: 13BSIDESLV37 • Register for either here: • https://bit.ly/2YVqyJu
Questions?
Contacting Us • Contacting Adrian: • @sawaba • Contacting Joe: • @C_3PJoe | @advpersistsec | @hackingglass • @TheOSINTion |@valhallainfos3c • Facebook.com/theOSINTion • LinkedIn.com/in/JoeGrayInfosec
Red Team Framework

More Related Content

PPTX
Security operation center (SOC)
Ahmed Ayman
 
PPTX
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
PPTX
Red team Engagement
Indranil Banerjee
 
PPTX
Red team and blue team in ethical hacking
Vikram Khanna
 
PPSX
Next-Gen security operation center
Muhammad Sahputra
 
PPTX
Threat hunting - Every day is hunting season
Ben Boyd
 
PDF
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
PDF
Threat Hunting with Splunk Hands-on
Splunk
 
Security operation center (SOC)
Ahmed Ayman
 
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
Red team Engagement
Indranil Banerjee
 
Red team and blue team in ethical hacking
Vikram Khanna
 
Next-Gen security operation center
Muhammad Sahputra
 
Threat hunting - Every day is hunting season
Ben Boyd
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Threat Hunting with Splunk Hands-on
Splunk
 

What's hot(20)

PDF
Threat Intelligence
Deepak Kumar (D3)
 
PDF
Adversary Emulation and Red Team Exercises - EDUCAUSE
Jorge Orchilles
 
PDF
Building an InfoSec RedTeam
Dan Vasile
 
PDF
Cyber Threat Intelligence
mohamed nasri
 
PPTX
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
PPTX
Roadmap to security operations excellence
Erik Taavila
 
PPTX
Optimizing Security Operations: 5 Keys to Success
Sirius
 
PDF
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
PDF
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
PDF
Threat Hunting Report
Morane Decriem
 
PPTX
Red Team vs. Blue Team
EC-Council
 
PDF
How MITRE ATT&CK helps security operations
Sergey Soldatov
 
PPTX
SOC: Use cases and are we asking the right questions?
Jonathan Sinclair
 
PPTX
Soc
Mukesh Chaudhari
 
PDF
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
PDF
MITRE ATT&CK Framework
n|u - The Open Security Community
 
PDF
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
ODP
Cyber security awareness
Jason Murray
 
PDF
Security operations center 5 security controls
AlienVault
 
PPTX
Cyber Kill Chain.pptx
Vivek Chauhan
 
Threat Intelligence
Deepak Kumar (D3)
 
Adversary Emulation and Red Team Exercises - EDUCAUSE
Jorge Orchilles
 
Building an InfoSec RedTeam
Dan Vasile
 
Cyber Threat Intelligence
mohamed nasri
 
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Roadmap to security operations excellence
Erik Taavila
 
Optimizing Security Operations: 5 Keys to Success
Sirius
 
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Threat Hunting Report
Morane Decriem
 
Red Team vs. Blue Team
EC-Council
 
How MITRE ATT&CK helps security operations
Sergey Soldatov
 
SOC: Use cases and are we asking the right questions?
Jonathan Sinclair
 
Soc
Mukesh Chaudhari
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
MITRE ATT&CK Framework
n|u - The Open Security Community
 
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Cyber security awareness
Jason Murray
 
Security operations center 5 security controls
AlienVault
 
Cyber Kill Chain.pptx
Vivek Chauhan
 

Similar to Red Team Framework(20)

PDF
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Core Security
 
PDF
Building a Successful Internal Adversarial Simulation Team - Chris Gates & Ch...
Chris Gates
 
PPTX
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
PPTX
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
Joe Vest
 
PPTX
Purple Teaming - The Collaborative Future of Penetration Testing
FRSecure
 
PPTX
FUEL_USERS_GROUP
Will Pearce
 
PDF
DTS Solution - Penetration Testing Services v1.0
Shah Sheikh
 
PDF
SCYTHE Purple Team Workshop with Tim Schulz
Jorge Orchilles
 
PDF
2020 11-15 marcin ludwiszewski - purple, red, blue and others - rainbow team...
Marcin Ludwiszewski
 
PDF
So you want to be a red teamer
Jorge Orchilles
 
PPTX
Why Pentesting is Vital to the Modern DoD Workforce
Global Knowledge Training
 
PPTX
Adversarial Emulation and the C2 Matrix - Presented at Wild West Hackin Fest ...
Jorge Orchilles
 
PDF
Purple Team Exercise Hands-On Workshop #GrayHat
Jorge Orchilles
 
PDF
Red Team Assessment Services What Are They and Why Your Company Needs Them.pdf
tsldigitalm
 
PDF
Why Penetration Testing is Crucial for Cybersecurity
kandrasupriya99
 
PDF
Purple Team Exercise Workshop December 2020
Jorge Orchilles
 
PDF
Purple Team - Offensive and Defensive collaborative simulation
Adam Nurudini
 
PDF
External Threat Hunters are Red Teamers
Jorge Orchilles
 
PDF
Penetration Testing Services - Redfox Cyber Security
Karan Patel
 
PPT
Pentesting hygt frde education of engi.ppt
asranausheenasra
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Core Security
 
Building a Successful Internal Adversarial Simulation Team - Chris Gates & Ch...
Chris Gates
 
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
Joe Vest
 
Purple Teaming - The Collaborative Future of Penetration Testing
FRSecure
 
FUEL_USERS_GROUP
Will Pearce
 
DTS Solution - Penetration Testing Services v1.0
Shah Sheikh
 
SCYTHE Purple Team Workshop with Tim Schulz
Jorge Orchilles
 
2020 11-15 marcin ludwiszewski - purple, red, blue and others - rainbow team...
Marcin Ludwiszewski
 
So you want to be a red teamer
Jorge Orchilles
 
Why Pentesting is Vital to the Modern DoD Workforce
Global Knowledge Training
 
Adversarial Emulation and the C2 Matrix - Presented at Wild West Hackin Fest ...
Jorge Orchilles
 
Purple Team Exercise Hands-On Workshop #GrayHat
Jorge Orchilles
 
Red Team Assessment Services What Are They and Why Your Company Needs Them.pdf
tsldigitalm
 
Why Penetration Testing is Crucial for Cybersecurity
kandrasupriya99
 
Purple Team Exercise Workshop December 2020
Jorge Orchilles
 
Purple Team - Offensive and Defensive collaborative simulation
Adam Nurudini
 
External Threat Hunters are Red Teamers
Jorge Orchilles
 
Penetration Testing Services - Redfox Cyber Security
Karan Patel
 
Pentesting hygt frde education of engi.ppt
asranausheenasra
 

Recently uploaded(20)

PPTX
Introduction-to-Artificial-Intelligence (1).pptx
MohammadkhalidshFaq
 
PDF
Curriculum Vitae: McGee Steve Resume.pdf
Steven McGee
 
DOCX
Test Engineering documents for designing
QuocAnhPhung1
 
PDF
NewMind AI Weekly Chronicles – September ’25 Week I
NewMind AI
 
PDF
SUPPLY CHAIN MANAGEMENT IN INDIAN AUTOMOTIVE INDUSTRY : COMPLEXITIES, CHALLEN...
ijmvsc
 
PDF
“Introduction to Designing with AI Agents,” a Presentation from Amazon Web Se...
Edge AI and Vision Alliance
 
PDF
Slides World Game (s) Great Redesign Eco Economic Epochs.pdf
Steven McGee
 
PDF
EGCB_Solar_Project_Presentation_and Finalcial Analysis.pdf
TaukirIslam
 
PPTX
Upskill to Agentic Automation: Prompting & Agentic Thinking with UiPath
DianaGray10
 
PDF
Applying Agentic AI in Enterprise Automation
DianaGray10
 
PDF
TrustArc Webinar - Executive Perspectives on Data Privacy
TrustArc
 
PDF
The Basics of Artificial Intelligence - Understanding the Key Concepts and Te...
FODUU
 
PPTX
AI-Enhanced Detection- Proposal Presentation
BimsaraKumarasinghe1
 
PDF
Revolutionizing recommendations a survey: a comprehensive exploration of mode...
IAESIJAI
 
PDF
Easy Python and AI Presentation (developed with AI)
MuhammadAdeel299943
 
PPTX
Generative AI at Oracle- The next frontier of enterprise innovation.pptx
Geovanni Vega Velásquez
 
PDF
The Ultimate Guide to Make AI Agents_ From Creation to Advanced Automation.pdf
SOFTTECHHUB
 
PDF
Be ready for tomorrow’s needs with a longer-lasting, higher-performing PC
Principled Technologies
 
PDF
Module 1 - COMMUNICATION SATELLITEScrev (5).pdf
NacerBaouche
 
PDF
Broiler meats tenderness prediction using near infrared spectroscopy against ...
IAESIJAI
 
Introduction-to-Artificial-Intelligence (1).pptx
MohammadkhalidshFaq
 
Curriculum Vitae: McGee Steve Resume.pdf
Steven McGee
 
Test Engineering documents for designing
QuocAnhPhung1
 
NewMind AI Weekly Chronicles – September ’25 Week I
NewMind AI
 
SUPPLY CHAIN MANAGEMENT IN INDIAN AUTOMOTIVE INDUSTRY : COMPLEXITIES, CHALLEN...
ijmvsc
 
“Introduction to Designing with AI Agents,” a Presentation from Amazon Web Se...
Edge AI and Vision Alliance
 
Slides World Game (s) Great Redesign Eco Economic Epochs.pdf
Steven McGee
 
EGCB_Solar_Project_Presentation_and Finalcial Analysis.pdf
TaukirIslam
 
Upskill to Agentic Automation: Prompting & Agentic Thinking with UiPath
DianaGray10
 
Applying Agentic AI in Enterprise Automation
DianaGray10
 
TrustArc Webinar - Executive Perspectives on Data Privacy
TrustArc
 
The Basics of Artificial Intelligence - Understanding the Key Concepts and Te...
FODUU
 
AI-Enhanced Detection- Proposal Presentation
BimsaraKumarasinghe1
 
Revolutionizing recommendations a survey: a comprehensive exploration of mode...
IAESIJAI
 
Easy Python and AI Presentation (developed with AI)
MuhammadAdeel299943
 
Generative AI at Oracle- The next frontier of enterprise innovation.pptx
Geovanni Vega Velásquez
 
The Ultimate Guide to Make AI Agents_ From Creation to Advanced Automation.pdf
SOFTTECHHUB
 
Be ready for tomorrow’s needs with a longer-lasting, higher-performing PC
Principled Technologies
 
Module 1 - COMMUNICATION SATELLITEScrev (5).pdf
NacerBaouche
 
Broiler meats tenderness prediction using near infrared spectroscopy against ...
IAESIJAI
 

Red Team Framework

  • 1.
    Red Team Framework AdrianSanabria Joe Gray
  • 2.
    About Adrian Defender -9 years Financial Services Consultant - 5 years Pen Testing, PCI Industry Analyst - 4 years 451 Research Research, Vendor Strategy - 2 years Savage Security, Threatcare, NopSec, Thinkst @sawaba
  • 3.
    • Senior SecurityArchitect • 2017 DerbyCon Social Engineering Capture the Flag (SECTF) winner • On 3rd Place Team at 2018 & 2019 NOLACon OSINT CTF (Password Inspection Agency) • On 2nd Place Team at 2019 BSides OSINT CTF (Password Inspection Agency) • Served in the US Navy, Navigating Submarines • CISSP-ISSMP, GSNA, GCIH, OSWP • Forbes Contributor • Currently Authoring Social Engineering and OSINT Book, Securing the Human Element with No Starch Press • Maintained blog and podcast at https://advancedpersistentsecurity.net • Just started offering OSINT training (OSINTion; formerly OSINT Associates) About Joe
  • 4.
    Why Create aNew Framework? What do these words mean to you? Red Team Purple Team Pen Testing Vuln Assessment WebApp Assessment
  • 5.
    What’s wrong withpen testing/red teaming? ● The design is flawed and can’t fulfill expectations ○ Not an indicator of an organization’s risk ○ Doesn’t simulate adversaries ○ Tries to prove/disprove a persistent negative ● The execution is inefficient; lots of room for improvement ○ Consulting industry ‘cash cow’ – why change? ○ Lack of automation; process improvement; feedback loops ○ Better alternatives are sold as ‘advanced’, to more mature orgs ● It isn’t what clients need to improve
  • 6.
    Pen Test vsRed Team Engagement Pen Test • Pwnage based • Largely for compliance • Incorrectly helps management sleep better (digital melatonin) Red Team • Objective based • Emulates a specific actor or TTP • Seeks to measure various metrics that actually matter (Penetration capability, detection, etc)
  • 7.
    Myth #1 Penetration testsare accurate measurements of an organization’s security
  • 8.
    Myth #2 Penetration testingemulates adversarial behavior
  • 9.
    Myth #3 Penetration testsserve no purpose in a mature organization’s environment
  • 10.
    Myth #4 Penetration testingis synonymous with red teaming
  • 11.
    Myth #5 Black boxtesting is the most comprehensive method of applied security testing
  • 12.
    Red Teaming Process Scoping IDthe Threat Model Baseline Security Rescoping Learning Execution Measurement Debriefing Retesting Purple Team
  • 13.
    Scoping • Define theobjective(s) • Define success • Scope the following: • Time • Money • Number of systems • Rules of Engagement • IOCs/TTPs to utilize
  • 14.
    Identification of ThreatModel • Based on several variables • Client base • Geographic Location • Line of business • Government affiliations • Sector/Industry
  • 15.
    Baseline Security Model •Are you tall enough to ride the proverbial ride? • Frameworks like Centre for Internet Security Critical Security Controls • Minimum of the Top 5 • Vulnerability Management • Previous Testing • DFIR/Monitoring Capabilities? • NIST SP 800-53
  • 16.
    Rescoping • Refine theobjective(s) • Focus the scope the following: • Time (time frame and allocated hours to complete) • Money • Refine Number of systems (likely a lower number than in scoping) • Rules of Engagement • Social Engineering, Web, Exploit Development • IOCs/TTPs to utilize • Potentially solicit input from an ISAC
  • 17.
    Learning • “Simulated DwellTime” • Access to and/or data from: • SEIM • Previous Reports • PCAPs, Netflow, other monitoring tools • Diagrams • Configurations • Interviews
  • 18.
    Execution • Reference technicalframeworks: • Pen Test Execution Standard • Social Engineering Framework • Mitre ATT&CK
  • 19.
    Measurement • I seeyou, do you see me? • Data points: • Time to detect • Quality of report • Accuracy of the report • Actions taken • Efficacy of actions taken
  • 20.
    Debriefing • Presentation including: •TTPs • Findings • Statistics from Measurement Phase • Recommended Actions • Qualitative Score
  • 21.
    Retesting • Allow theorganization to retrain, adjust, and retry
  • 22.
    Purple Teaming • Similarto retesting, but the adversary is in the room/in communication with the defensive team • Allows the adversaries to allow detection attempts or announce actions to teach detections • More efficient that turning the noise up or Thunderstrucking or Rick Rolling
  • 23.
    Supporting Frameworks ● PenTest Execution Standard ○ http://www.pentest-standard.org/index.php/Main_Page ● Social Engineering Framework ○ https://www.social-engineer.org/framework/general-discussion/ ● Mitre ATT&CK ○ https://attack.mitre.org/ ● NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment) ○ https://csrc.nist.gov/publications/detail/sp/800-115/final ● More here: https://www.owasp.org/index.php/Penetration_testing_methodologies#Technical_Guide_to_Information_Security_Testing_and_Asses sment_.28NIST800-115.29
  • 24.
    Joe’s Upcoming SpeakingEngagements • 9/26-27: DefendCon (Seattle) • 10/10-11: HackerHalted (Atlanta, GA) • 10/22: Wild West Hackin Fest
  • 25.
    Adrian’s Upcoming SpeakingEngagements Virus Bulletin 2019 in London: Closing Keynote with Haroon Meer
  • 26.
    Upcoming OSINT TrainingOpportunities • In-Person •All with details TBD (unless otherwise noted): • Louisville (around the time of DerbyCon • Atlanta (around the time of HackerHalted) • Maybe Dallas, Philadelphia, and Boston in 2019 •Online: • More upcoming, watch Twitter and LinkedIn
  • 27.
    Hacker Halted 2019 •October 10-11 • Atlanta, GA USA • Free Admission • Coupon Code: Joe100 or https://hackerhalted2019.eventbrite.com?discount=Joe100 • Discount on Training • Coupon Code: JJHHTRN (15% off training) • Register at: - https://hackerhalted2019.eventbrite.com
  • 28.
    Recon-ng Training • August29 • 6-8 PM (Eastern Time) • Coupon Code: 13BSIDESLV37 • August 31 • 1-3 PM (Eastern Time) • Coupon Code: 13BSIDESLV37 • Register for either here: • https://bit.ly/2YVqyJu
  • 29.
  • 30.
    Contacting Us • ContactingAdrian: • @sawaba • Contacting Joe: • @C_3PJoe | @advpersistsec | @hackingglass • @TheOSINTion |@valhallainfos3c • Facebook.com/theOSINTion • LinkedIn.com/in/JoeGrayInfosec