Traditionally, when talking about enterprise security, most companies would focus on the defensive side. For example, SOC, Incident Response, Threat Hunting, etc.

As for the Offensive part, companies used to ask for vendors to support yearly security assessment or penetration testing. Only a few international companies, because of the vast variety of product/service or the needs of proving product security, would build up an in-house offensive security team. 

Recently, because of the increased of security incident & the digital transformation happens in more and more industries. More and more companies start to consider whether to build up an in-house offensive security team. The speaker want to share advantages of in-house offensive security team, the working type as an in-house offensive security team member, and the role of in-house offensive security team in the SSDLC via this session.

Introduce the modern red and blue team techniques and open-source tools, including how the blue team discovers the intrusions, catches the attacker, and increases the cost of attacks. Also, for the red team, we will talk about how the red team bypasses detection and execute malware by adopting techniques used for defense evasion. This agenda will share the experiences from both the red and blue teams, the HomeLAB environment, and learning resources.

DDoS attacks, starting from 10GB, have grown rapidly to reach traffic levels in the ""Tbps"" range, not to mention the various variants of DDoS attacks that have emerged in recent years. As attackers become increasingly sophisticated and attacks occur at higher frequencies, the cost of defense for victims has skyrocketed. DDoS is like a sword in the hands of hackers, making it difficult for businesses or network service providers to defend against.

This sharing session covers a total of six cases, ranging from DDoS attacks at the ""Tbps"" level to various types of DDoS variant attacks. DDoS has always been a chronic problem in the internet world, and through the sharing of cases, it can be understood that this sword (DDoS) in the hands of attackers is not unstoppable. By seeking the help of DDoS defense experts and investing appropriate network security costs, risks can be limited to a manageable range, avoiding making hasty decisions in a time of crisis.

In this speech, we will share Synology PSIRT's experience in building a red team from scratch within the company. The speech will also share the results of Synology's self-built red team over the past year.