CypherCon 2024

Goal Based Penetration Testing – Taylor’s Version

Eric Escobar

Abstract:

In this talk we’ll dive into “Goal-Based Penetration Testing,” where security isn’t just a “Love Story” but a critical narrative in our “Wildest Dreams.” As we “Begin Again” to redefine penetration testing, we tailor our approach to meet our clients’ specific needs, ensuring that their cybersecurity doesn’t just “Shake It Off” but stands strong against evolving threats. It’s about understanding that each organization has its own “Blank Space” to fill in the realm of security, and it’s our job to make sure their defenses are as resilient as they can be, proving that in the world of cybersecurity, we’re not just “Out of the Woods” yet. Our approach ensures that every client’s security story ends not with a tragic “Bad Blood” but with a triumphant “I Knew You Were Trouble” turning into a story of success.

 

Importance: Penetration testing should be curated to the client, not an off the shelf service.

Eric Escobar

Probably hangs outside swift’s house…

Eric is a seasoned pentester and a Security Principal Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.

His team consecutively won first place at DEF CON 23, 24, and 25’s Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, he now helps create challenges!

Before entering the cyber security arena, Eric attained both a BS and MS in Civil Engineering along with his Professional Engineering license. Professional hacker by day, amateur operator (W6WD) by night!