Technical managers, engineers, and those interested in learning more about information security only please.



Food and beverages will be provided. Talks start at 6:45pm



===

AGENDA

===



SPEAKERS: Jessica Solper / Offensive Security Manager / Salesforce



PRESO TITLE: Enter the Red Team



PRESO SUMMARY: When, why, and how to perform a red team engagement.



SPEAKER BIOS: Jessica is a security manager at Salesforce, where she runs the internal red team. She has presented at and organized multiple security events and has been domain admin at a number of organizations.



-=-=-



SPEAKER: Kevin Dunn / SVP of Technical Security Consulting - North America / NCC Group



PRESO TITLE: Red Team Approaches for Success



PRESO SUMMARY: There are many approaches to the form of penetration testing known as 'red teaming'. In this talk the speaker will unravel some terminology, talk about how to use red team approaches, and explore some of the common techniques that help to model adversary simulation in the realm of commercial security engagements. Topics will include how to tailor approaches to modern heterogeneous environments, examples of tradecraft efforts to prevent easy disclosure, and examination of how the threat model has to change to meet modern boundary-less or location-independent architecture approaches. The speaker will include real-world approaches for: external vulnerability discovery and exploitation, targeted spear phishing against a variety of platform types, controlled physical intrusions, internal network attacks and as much more as time allows!



SPEAKER BIO: Kevin is Senior Vice President of Technical Security Consultancy for NCC Group in North America. Kevin has been a professional security consultant for over 15 years, working on diverse projects and challenging technologies for the world’s largest and most demanding companies. His current responsibilities include managing West coast operations for NCC Group in North America, and ownership of technical delivery Practices nationwide. Kevin works closely with Fortune 500 companies, covering Oil & Gas, Finance, and Software sectors, developing strategic security assessment and advisory services for NCC Group from his office base of operations in Austin. In 2016, Kevin was invited to testify in front of Congress on the subject of security for small businesses.



-=-=-



SPEAKER: Niru Ragupathy / Security Engineer / Google



PRESO TITLE: Red Team Curtain Call



PRESO SUMMARY: What happens after you achieve the red team goal? How do you measure the success of a red team? How do you present the results to the organization?



SPEAKER BIO: Niru is a security engineer at Google. She works on the assessments team, where she performs code reviews, design reviews and red teaming. She has run web application security workshops at BsidesSF, WiCys and Blackhoodie. In her free time she doodles corgis and writes mobile application challenges.