- 14:00hs a 18:30hs - break en el medio
- Sala Abasto
Red teaming is more than a hype right now, no matters that maturity level an organization have, this is a kind of test that must be do it. But, there a lot of options to get trained for pentesting and some for red teaming, so, this is good option for blue teamers and pentesters to learn and confirm their knowledge about Tactics, Techniques and Procedures required in red team exercises. Going beyond just learning through demos and the lecture of ATT&CK framework, during this workshop We are goint to teach them how to start a phishing campaign (an effective one) to get the initial compromise and then move laterally in order to grab the crown jewels through an exfiltration channel controlled by a C2 with the extra value to learn how to bypass defenses like IPS, EDR, SIEM, etc.
Alexis Torres Alexis is having fun working as Senior Pentester/Research Manager in Open-Sec. It has certifications such as eMAPT, C) PTE, C) CPTC, C) SWAE. Speaker for different computer security coferences (Perú and Ecuador). He has worked on different projects for private and public organizations (ministries, banks, airlines, etc.). His skills and experience are very strong on mobile applications pentesting and lateral movement. He belongs to the Open-Sec team since 2015.
William Marchand William has a very fun time working as Senior Pentester in Open-Sec. It has certifications such as C) PTE, CCNA, CCNP Instructor. Speaker at several security events such as Ekoparty, EcuaHack, PERUHACK, among others. He has worked on different projects for private entities such as banks, financial companies, airlines, etc. He belongs to the Open-Sec team since 2017.
Water Cuestas He leads the team of professional hackers of Open-Sec (a company dedicated solely to provide pentesting and red teaming services) since 2006. His work is based on developing attack vectors and his main interest is in the development of scripts for pentesting and TTPs for red teaming. He has participated as speaker in events such as DEF CON (Workshop), LimaHack, Campus Party Quito, CSI Pereira, events of OWASP Latam and as trainer at Ekoparty. He has also published articles in trade magazines such as Hakin9, PenTest Magazine and Hack-in-Sight. During 2016, he was part of the team of instructors approved by the US Northern Command (US Army) for training in cybersecurity (hacking techniques and breach of security controls). Currently holds the OSCP certification.
Luis Morales He just joined Open-Sec team as Pentester, so, the fun just began for him. He was working on the “blue” side for several years until last one when he joined a utility provider as a fulltime internal pentester. In his preparation for OSCP certification, he played a lot in Hack The Box and is a big fan of this very cool lab. Of course, he earned the OCSP certification.