Sign up to save your podcasts
Or
Share That Shouldn't Have Worked: A Red Teamer's Confessions with Corey Overstreet
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
That Shouldn't Have Worked: A Red Teamer's Confessions with Corey Overstreet
Summary:
In this episode of Exploring Information Security, host Timothy De Block speaks with Corey Overstreet, a seasoned pentester from Red Siege. Corey shares insights into the ongoing cat-and-mouse game between red teams and blue teams, revealing common vulnerabilities and unexpected successes in breaching defenses. He discusses his upcoming talk at Show Me Con, titled "That Shouldn't Have Worked," which aims to equip blue teams with practical knowledge on bolstering their defenses against persistent attackers. From the nuances of payload delivery to the surprising resilience of old tricks and the challenges of cloud security, Corey offers a candid look at the daily realities of offensive security and how defenders can truly make a red teamer's life difficult.
What You'll Learn:
The core focus of Corey Overstreet's "That Shouldn't Have Worked" talk at Show Me Con.
Common mistakes red teamers make and how to avoid them.
Effective defensive strategies for blue teams, including the power of application control and network segmentation.
The evolving landscape of EDR and how AI is starting to make red team operations more challenging.
Insights into the surprising ways macros and social engineering continue to be effective entry points, especially in cloud environments.
Advice for aspiring pentesters on learning and problem-solving, emphasizing hands-on practice and diligent note-taking.
Corey's favorite resources for staying up-to-date in cybersecurity, including various subreddits, Discord, and Slack communities.
Use the promo code “ExploringSec” to get $50 off your registration
Showmecon Links and Resources:Learn more about ShowMeCon: showmecon.com
Register for Training or the Conference: Registration Link
Event Venue and Room Block Information: Ameristar Casino & Resort
Connect with the Founder of ShowMeCon Dave Chronister: LinkedIn Profile
Connect with the Head Organizer for ShowMeCon Brooke Deneen: LinkedIn Profile
Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.
Contact Information:Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:[RSS Feed] [iTunes] [LinkedIn][YouTube]
Subscribe
Sign up with your email address to receive news and updates.
Email Address
Sign Up
We respect your privacy.
Thank you!
View all episodes
By Timothy De Block
4.7
4343 ratings
Summary:
In this episode of Exploring Information Security, host Timothy De Block speaks with Corey Overstreet, a seasoned pentester from Red Siege. Corey shares insights into the ongoing cat-and-mouse game between red teams and blue teams, revealing common vulnerabilities and unexpected successes in breaching defenses. He discusses his upcoming talk at Show Me Con, titled "That Shouldn't Have Worked," which aims to equip blue teams with practical knowledge on bolstering their defenses against persistent attackers. From the nuances of payload delivery to the surprising resilience of old tricks and the challenges of cloud security, Corey offers a candid look at the daily realities of offensive security and how defenders can truly make a red teamer's life difficult.
What You'll Learn:
The core focus of Corey Overstreet's "That Shouldn't Have Worked" talk at Show Me Con.
Common mistakes red teamers make and how to avoid them.
Effective defensive strategies for blue teams, including the power of application control and network segmentation.
The evolving landscape of EDR and how AI is starting to make red team operations more challenging.
Insights into the surprising ways macros and social engineering continue to be effective entry points, especially in cloud environments.
Advice for aspiring pentesters on learning and problem-solving, emphasizing hands-on practice and diligent note-taking.
Corey's favorite resources for staying up-to-date in cybersecurity, including various subreddits, Discord, and Slack communities.
Use the promo code “ExploringSec” to get $50 off your registration
Showmecon Links and Resources:Learn more about ShowMeCon: showmecon.com
Register for Training or the Conference: Registration Link
Event Venue and Room Block Information: Ameristar Casino & Resort
Connect with the Founder of ShowMeCon Dave Chronister: LinkedIn Profile
Connect with the Head Organizer for ShowMeCon Brooke Deneen: LinkedIn Profile
Enjoyed this episode? Leave us a review and share it with your network! Subscribe for more insightful discussions on information security and privacy.
Contact Information:Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:[RSS Feed] [iTunes] [LinkedIn][YouTube]
Subscribe
Sign up with your email address to receive news and updates.
Email Address
Sign Up
We respect your privacy.
Thank you!
More shows like Exploring Information Security - Exploring Information Security
View all
Security Now (Audio)
2,002 Listeners
Risky Business
376 Listeners
Down the Security Rabbithole Podcast (DtSR)
98 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,022 Listeners
The Daily
112,617 Listeners
Darknet Diaries
8,017 Listeners
Cybersecurity Today
177 Listeners
Behind the Money
227 Listeners
Defense in Depth
74 Listeners
Hacker Valley Studio
60 Listeners
Cyber Security Headlines
136 Listeners
Hard Fork
5,469 Listeners
The President's Daily Brief
3,358 Listeners
Risky Bulletin
46 Listeners