That Shouldn't Have Worked: A Red Teamer's Confessions with Corey Overstreet

Summary: In this episode of Exploring Information Security, host Timothy De Block speaks with Corey Overstreet, a seasoned pentester from Red Siege. Corey shares insights into the ongoing cat-and-mouse game between red teams and blue teams, revealing common vulnerabilities and unexpected successes in breaching defenses. He discusses his upcoming talk at Show Me Con, titled "That Shouldn't Have Worked," which aims to equip blue teams with practical knowledge on bolstering their defenses against persistent attackers. From the nuances of payload delivery to the surprising resilience of old tricks and the challenges of cloud security, Corey offers a candid look at the daily realities of offensive security and how defenders can truly make a red teamer's life difficult. What You'll Learn: The core focus of Corey Overstreet's "That Shouldn't Have Worked" talk at Show Me Con. Common mistakes red teamers make and how to avoid them. Effective defensive strategies for blue teams, including the power of application control and network segmentation. The evolving landscape of EDR and how AI is starting to make red team operations more challenging. Insights into the surprising ways macros and social engineering continue to be effective entry points, especially in cloud environments. Advice for aspiring pentesters on learning and problem-solving, emphasizing hands-on practice and diligent note-taking. Corey's favorite resources for staying up-to-date in cybersecurity, including various subreddits, Discord, and Slack communities.

There are no comments yet.

Please log in to write the first comment.