Josh Ryder
Josh has the privilege of leading a dedicated and diverse team that serves as the bedrock of their organization's security. His team represents the last line of defense, with responsibilities spanning detection engineering, threat intelligence, operations, and incident response, all aimed at safeguarding Meta from both internal and external threats. Together, they are focused on recruiting, nurturing, and developing a world-class team deeply committed to the mission of defending their business.
Josh's professional journey encompasses various domains and is characterized by his profound passion for sharing knowledge and fostering growth within the security community.
Beyond his role at Meta, he has had the privilege of engaging in speaking engagements, teaching, and cutting-edge research. His speaking engagements at numerous conferences and events, including the 2018 NGINX User Conference as co-keynote speaker, the 2015 and 2017 PacSec, and active participation in multiple Exploit Laboratory events (Blackhat, Recon.cx, CanSecWest), have provided him with a platform to share valuable insights and contribute significantly to the broader industry discourse.
2023 Talk
Talk Title: (re)Building a Blue Team (Chapter 4) – The Color Purple
Talk Abstract:
Co-Presented with Josh Ryder, In today's ever-changing cybersecurity landscape, collaboration emerges as an imperative. Dive into the intertwined journeys of the Red, Blue, and Purple teams at Meta, tracing our historical roots to reveal the distinct yet synergistic roles of each team. We candidly discuss our triumphs, spotlighting key Red Team Operations and our mirroring of real-world threat actors, while also addressing challenges like operational strain and unexpected repercussions.
We'll delve into the evolution of Meta's Purple Team, highlighting its pivotal role in bridging the collaboration gap between the Offensive Security Group and XDR. This synergistic approach enabled us to better address security challenges and fostered an environment of trust, partnership, and shared learning. Furthermore, we will spotlight initiatives such as TTPForge and ForgeArmory, emblematic of our commitment to enhancing the global cybersecurity discourse.
Concluding with a look at the future, we lay down our roadmap. From building security regression pipelines to understanding where we fit into various security frameworks like MITRE ATT&CK and OWASP Top Ten, we aim to further fortify our defenses and share our learnings. Join us as we narrate our story, shedding light on the importance of adaptability, collaboration, and evolution in the world of cybersecurity.