Subscribe to the DPJ Weekly Brief newsletter:
Subscribe
Updates
ALBUQUERQUE, N.M. – Sandia National Laboratories will offer es on how to specify and utilize a “red team,” which involves having people assume the role of bad guys that attempt to compromise system security. Applying a red team can helpentify future risk, find important vulnerabilities, and thus lead to design improvements or better decisions about impact from threats. The course, called Red Teaming for Program ManagersTM (RT4PMTM) will be taught in Washington, D.C. and is geared for government program managers, decision makers, and military commanders. It is not open to the public. Presented in four steps, it shows attendees how to map their objectives into eight types of red teaming, specify red teaming they need,entify red teams, and merge results back into their overall objectives. It is not intended to show how to red team, but how to use red teams.The initial four-hour es are offered at no charge and will be taught by key members of Sandia’s Information Operations Red Team & Assessment (IORTA) program. Eight hour and multi-day courses are in the works that will provide opportunities for greater depth of discussion and extended exercise. There will be a fee for these expanded courses.Ten courses total will be held January 16-18 and February 6-8. Contact Amy Bowen at (505) 284-3178 or adbowen@sandia.gov to for information and to register.Sandia is a National Nuclear Security Administration laboratory.“In Sandia’s red team experience we find two obstacles for effective use of assessment outside of the red team itself. First, those program managers or decision makers that know about red teaming may not know how to specify their objectives to the red team. A second pervasive issue is that even more decision makers don’t know about the use of red teaming. The result is that we create security systems brittle to the threat! They don’t work if attacked. RT4PM was created to help address these obstacles.” says Michael Skroch, manager of the Sandia department that runs red teams that probe US systems.RT4PM introduces these eight types of red teaming that, separately and in combination, can be used by red teams: design assurance, hypothesis testing, benchmarking, behavioral, gaming, operational, penetration testing, and analytical. In the four-hour course, instructors will blend discussions with multiple short examples and exercises to illustrate course concepts.Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin company, for the U.S. Department of Energy’s National Nuclear Security Administration. With main facilities in Albuquerque, N.M., and Livermore, Calif., Sandia has major R&D responsibilities in national security, energy and environmental technologies, and economic competitiveness.Story available at:http://www.sandia.gov/news-center/news-releases/2006/esSandia Media Relations contact: Chris Burroughs Phone: (505) 844-0948Email: coburro@sandia.gov