050324-redteam2005-notice3

7/27/2019 050324-redteam2005-notice3

1/10

This government-wide event is focused on improvement ofadversarial-based assessments including variants such asred teaming, blue teaming, vulnerability assessment, riskassessment, etc., as applied for issues analysis and acrossthe lifecycle of systems from concept, R&D, prototype,deployment, and operation, through consideration ofphysical, cyber, CBRNE, and other threats. Therefore, thewords red team are used in a general context for this event.

Dual themes, Red Teaming for Homeland Security andRed Teaming Information Operations, will be representedn two threads, and are intended to focus on particularneeds, tools, and experience in these domains.

This conference is a forum for sharing and discussion aboutcurrent events, capability, process, tools, lessons learned,training, and certifications for this field and how red teamingcan be applied to solve a range of current program andanalysis issues.

Who should attend?This conference is intended for those who operate or arenvolved in government red teaming as well as those whouse red team services or are considering use of red teamingas a tool for their program. Content will span strategic high-evel issues through in-depth technical and proceduralssues. This conference will not contain active red teamingevents, although live demonstration systems and displaysare welcome.

Attendees must be government employees or contractors

that provide or use red teaming services for the government.A secret collateral (National Security Information) clearances required. U.S. citizenship is required. (S//NF)

Who is coming? Those who have committed to participatenclude AFOTEC, AFRL, Army 1st IO Command, CERT/CC,DOE/NNSA, DoJ, DARPA, DTRA, DHS, Federal Air MarshalService, Global Infotek, Inc., Homeland Security Institute,HSARPA, Idaho National Labs, JHU/APL, JIOC, MIT, Mitre,

National Assessment Group, NORAD/NORTHCOM, NSANuclear Fuel Services, OSD/NII, PACAF, Pacific NorthweNational Labs, Naval Post Graduate School, Sandia NatioLabs, TRADOC, TSWG, USDI. Add your organizationsname to this list and join in the fun and important issues tobe considered. A broad representation of viewpoints willbenefit the red team community!

Last call for participationIts time to bring the red teaming community together!Participate with your ideas, insights, and experience bypresenting, leading discussion panels, technical sessionsand sidebar discussions. Please contact the technicalprogram host to participate. Limited space is now availablfor additional presentations in both topic areas.

Location

REDTEAM2005 is being held at Sandia National

Laboratories, Kirtland AFB (KAFB), Albuquerque, NM.

Agenda NEW INFORMATION

This PDF file contains an incomplete draft set of agendaitems with the exception of defined panel sessions. We wdevelop the panel sessions in the next week or two. See following pages. Please note that times and dates maychange for certain speakers as final adjustments are madWe currently have three simultaneous briefing tracks withseveral optional tours being planed. Please see our web for past notices and intent for agenda.

A speaker registration form, available on the web site, willhelp you understand what we need to know about yourpresentation.

Exhibit space

Limited exhibit space is available for organizations to provattendees with additional information about capability, tooand other items about red team programs. This space is nintended for commercial sales or third-party tool vendors,

Preliminary Agenda Item

INITIAL DRAFT AGENDFinal Call for Participatio

Notice

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company

for the United States Department of Energy under Contract DE-AC04-94AL85000

24 March 2005

SAND 2005-0099P

7/27/2019 050324-redteam2005-notice3

2/10

for those that are engaged as red teams and develop redteam tools as a way to share additional detail about theirwork or programs. Cost for exhibit display space including10-foot display unit backdrop and 8-foot table is $300.Specific details and availability of exhibit space must benegotiated with the conference coordinator.

Cost to attend

A conference fee includes conference materials, associated

meals, and follow-up information. The fee is $150 beforeApril 1st, 2005 and $200 after that date. Additional costapplies for exhibit space.

Registration

Registration materials are available on the web site.Payment by credit card is preferred. Payment by check willalso be accepted. Registration is limited to facility capacity.

Travel reservations

Attendees should plan travel on or before Monday April 25th.

Those attending Thursday afternoon activities may have todepart on Friday. The Albuquerque International Sunport(ABQ) is located close to Kirtland AFB. Travel time from theconference events on KAFB to the airport area is typically 15minutes. A set of hotel rooms have been blocked, and mapswill be available on the web site.

Access to KAFB is controlled but guests to this conferencewill be allowed entry. Information about access to the basewill be provided upon registration. We will provide limitedbus transport from the main hotel to and from the event;

however, attendees are welcome to obtain rental cars.Check future updates on the web site for more information.

Additional information about Albuquerque and thesurrounding area is available at the Albuquerque Convention& Visitors Bureau site www.itsatrip.org and city sitewww.cabq.gov. Information about KAFB is available atwww.kirtland.af.mil. Information about Sandia NationalLaboratories is available at www.sandia.gov.

More information

Register for email notification or other information by sendinga message to [email protected]. See updatednformation at www.sandia.gov/redteam2005/ and throughemail to those who have registered requesting information.

Conference coordinator is Amy D. Bowen, 505-284-3178,[email protected]. Technical program host is MichaelSkroch, 505-844-0104, [email protected],[email protected].

7/27/2019 050324-redteam2005-notice3

3/10

Conference Agenda Overview

Draft 24 Mar 05 - Note that dates and times are notional and

may change as the agenda is finalized!

Speaker: Michael Skroch

Manager, Information Operations Red Team & Assessment

Sandia National Laboraotories

26-Apr-05

8:30 9:00

Host RT2005

Title: Host Welcome & Introductions

to

Speaker: Robert Lentz

Director Information Assurance

OASD(NII)

26-Apr-05

9:00 9:55

Keynote

Title: State of Health Metrics, Netcentric Update, Red Teaming Policy

to

Speaker: Robert Waters

Security Systems Analysis

Sandia National Laboratories

26-Apr-05

10:00 10:45

HS Brief

Title: Mission/Capability: Red Teaming for Physical Security

to

Speaker: Matt Mayes

Mission Director/NSA Red Team Operations

NSA Red Team

26-Apr-05

10:15 10:45

IO Brief

Title: Red Team Attack Methodology

to

Speaker: Mike McGannon

Intelligence Analyst/Imagery Analyst/UAV Sensor Operato

SRA International Inc. Adroit C4ISR Center

26-Apr-05

11:00 11:45

Brief

Title: Red Teaming in Wargaming: The Red Team Cookbook Series

to

Speaker: Richard T. Evans

Army Penetration Testing and Exploitation Program Manag

US Army Computer Emergency Response Team

26-Apr-05

12:15 13:00

IO Brief

Title: Army Penetration Testing and Exploitation program: Certification andAttack Environment & Tools

to

Page 1 of 8Conference Agenda Overview - DRAFT (as of 24 Mar 2005)REDTEAM2005 April 26-28, 2005

7/27/2019 050324-redteam2005-notice3

4/10

Speaker: Beth Ahern

Homeland Securities and Information Technologies Depart

The Mitre Corporation

26-Apr-05

13:00 13:40

HS Brief

Title: Project Looking Glass

to

Speaker: Prof Gerald Brown

Operations Research Department

Naval Post Graduate School

26-Apr-05

13:45 14:15

HS Brief

Title: How To Optimally Interdict a Belligerent Project to Develop a NuclearWeapon

to

Speaker: Matt Mayes

Mission Director/NSA Red Team Operations

NSA Red Team

26-Apr-05

13:45 14:30

IO Brief

Title: Branch Network Enumeration

to

Speaker: Michael E. Senglaub, Ph.D.

Systems Engineering/Force Protection Systems


26-Apr-05

13:45 14:30

IO Brief

Title: Critical Considerations in IO Vulnerability Assessment and MetricsDevelopment

to

Speaker: LCDR James Caroland

Chief/NSA Red Team Advanced Security Research Branch

NSA Red Team

26-Apr-05

13:45 14:30

IO Brief

Title: Branch Tool Development for Red Teaming

to

Speaker: Scott Tousley

DHS Science & Technology

US Department of Homeland Security

26-Apr-05

14:30 15:15

HS Brief

Title: Nuclear Detection Red Teaming: Concept Discussion

to

Speaker: Robert JungInformation Operations Red Team & Assessments (IORTA)


26-Apr-05

14:45 15:15

IO Brief

Title: Attack Graph and other Tool Development in IORTA

to


7/27/2019 050324-redteam2005-notice3

5/10

Speaker: Fred M. Rosen

Surety Assessment Center


26-Apr-05

15:45 16:30

HS Brief

Title: Red Teaming Nuclear Weapons: The Surety Assessment Center at SandiaNational Laboratories

to

Speaker: Dave Farrell

Cyber Defense Agency

26-Apr-05

15:45 16:30

IO Brief

Title: Automated Testing with Adversarial Knowledge (ATAK)

to

Speaker: C. Paul Robinson

President


27-Apr-05

Keynote

Title: Welcome to Redteam2005

to

Speaker: Jon Nowick

Director, Analytic Red Cell Program

US Department of Homeland Security

27-Apr-05

8:45 9:45

Keynote

Title: Analytic Red Teaming for Homeland Security and Other Challenges: WhenConnecting the Dots Isn't Enough

to

Speaker: James E. Just

Global Infotek, Inc.

27-Apr-05

9:30 10:15

IO Brief

Title: Testing Cyber-defenses vs. Cyber-offenses

to

Speaker: George Apostolakis

Professor of Nuclear Science and Engineering

Massachusetts Institute of Technology

27-Apr-05

9:30 10:15

HS Brief

Title: Protecting Infrastructures: The Role of Risk Analysis

to

Speaker: Don BaileyLead INFOSEC Engineer

The MITRE Corporation

27-Apr-05

9:45 10:30

IO Brief

Title: All Your WiFi Are Belong to Us - Teaching the Badguy Mindset for WirelessRed Teaming and Penetration Testing

to


7/27/2019 050324-redteam2005-notice3

6/10

7/27/2019 050324-redteam2005-notice3

7/10

Speaker: Prof. Kevin Wood



27-Apr-05

13:15 14:00

HS Brief

Title: VEGA: Vulnerability of Electric Grids Analyzer

to

Speaker: Robert A. Morris, Lt Col, USAF

OUSD(IWS)/IO

27-Apr-05

13:15 14:00

Brief

Title: OSD Perspective on IO

to

Speaker: Mike Gerjets

Technical Director/NSA Red Team

NSA Red Team

27-Apr-05

14:00 14:45

IO Brief

Title: DoD Red Team Certification Standards

to

Speaker: D. R. Miles, Ph.D.

Staff Scientist and Senior Program Manager

Pacific Northwest National Laboratory

27-Apr-05

14:00 14:45

HS Brief

Title: Risk and Vulnerability Assessments Methodologies and the use ofREDTEAMS to Identify Recommendations for mitigation or Elimination of

Vulnerabilities

to

Speaker: Prof. Matt Carlyle



27-Apr-05

14:45 15:30

HS Brief

Title: Identifying Vulnerabilities in Critical Infrastructure

to

Speaker: Phillip Caddel

VA Analyst

Nuclear Fuel Services

27-Apr-05

16:00 16:45

Panel Position

Title: Assessing the threat to Critical Infrastructure Assets for use in theVulnerability and Risk Assessment Programs

to

Speaker: Joseph Eash

28-Apr-05

8:15 9:00

Keynote

Title: Red teaming yesterday, today, and tomorrow: A viewpoint on maintaining redteaming a viable tool for national security

to


7/27/2019 050324-redteam2005-notice3

8/10

Speaker: Bradford Wilke28-Apr-05

9:30 10:15

IO Brief

Title: Training the Cyber Defender - Lessons Learned from DoD InformationAssurance Exercises

to

Speaker: Thomas J. Anderson

Idaho National Laboratory

28-Apr-05

9:30 10:15

HS Brief

Title: Mission/Capability: Control Systems Security and Test Center (CSSTC)

to

Speaker: Juan Torres

Manager, X


28-Apr-05

10:15 11:00

HS Brief

Title: Mission/Capability: Sandia Center for SCADA Security

to

Speaker: Shelley A. Kirkpatrick, Ph.D.

Senior Researcher

Homeland Security Institute

28-Apr-05

11:00 11:55

HS Brief

Title: Staying One Step Ahead: Advancing Red Teaming Methodologies throughInnovation

to

Speaker: Richard Craft

Principle Member of the Technical Staff


28-Apr-05

12:15 12:55

HS Brief (Lunch)

Title: Report: A Concept for the use of Red Teams in Homeland Defense

to

Speaker: Patrick F. Sullivan

Deputy Assistant Director/Office of Flight Operations

Federal Air Marshal Service

28-Apr-05

13:00 13:45

HS Brief

Title: "Success of Physical Security Red Teaming"

to

Speaker: Thomas C. LattaOperational Test and Evaluation Force

01-Jan-06

Title:

to


7/27/2019 050324-redteam2005-notice3

9/10

Speaker: Maj Tom Sloan

Chief for IA Assessments

AFOTEC

01-Jan-06

IO Brief

Title:

to

Speaker: Mr. Skip Mann

Security Analyst

HQ PACAF/SFOP

01-Jan-06Brief

Title:

to

Speaker: Michael L. Smith

Information Technology Department

Clark County - Nevada

01-Jan-06

Title:

to

Speaker: Bill Wilson

Survivable Enterprise Management

CERT

01-Jan-06

Panel Chair

Title:

to

Speaker:


01-Jan-06

HS Brief

Title: Anatomy of a real SCADA attack

to

Speaker:01-Jan-06

Panel Chair

Title: Panel: Red Teaming Critical Infrastructure

to

Speaker: Nancy Kay HaydenAeronautical Engineering/Proliferation Sciences Dept.


01-Jan-06

HS Brief

Title: Representing Motivation and Intent for Effective Red Teaming

to


7/27/2019 050324-redteam2005-notice3

10/10

Speaker: Robert Jung

Information Operations Red Team & Assessments (IORTA)


01-Jan-06

Panel Chair

Title: Tool Design/Development/Collaboration

to

Speaker: Gregory Fontenot01-Jan-06

Title: University of Foreign Military and Cultural Studies (formally known as Redteam University)

to

Speaker:


01-Jan-06

IO Brief

Title: User Space Root Kits (AKA In Memory Root Kits)

to

Speaker: Michael A. Shepherd, Lt Col, USAFR

Deputy Commander for Aggressor Operations /318th IO Gr

Air Force Information Warfare Center

01-Jan-06

IO Brief

Title:

to

Speaker: Frank E. Lagasse

DTRA

01-Jan-06

Brief

Title:

to


Documents

050324-redteam2005-notice3