Blue to Red: Traversing the Spectrum

Conference:  BlackHat EU 2019



The rising demand for talent to fill thousands of open roles in the security industry has resulted in one significant consequence: overspecialization. This can hinder someone from thinking about the larger picture of security challenges they face and can sometimes be an obstacle to progress. It’s time to get back to basics: Strong fundamentals in InfoSec and computer science are critical when pivoting from one security challenge to the next. In this talk, Amanda will discuss her non-conventional career path in security --from a forensic technician in government, a malware researcher in the private sector, to an offensive engineer on the red team at Facebook--and how a solid grounding in foundational security skills has been an important thread among each role.It’s important now more than ever to strike the right balance between relying on tooling frameworks and pulling from your security fundamentals. In an industry that evolves at hyper speed, having a strong understanding of the basics, such as computer architecture, code compilation, data structures and algorithms is invaluable --and these skills never have an expiration date. Another core skill in the toolbox of security fundamentals is an adversarial mindset. The joy of picking things apart and dreaming up out-of-the-box solutions to tackle a thorny problem is a requirement for successful hacking. Amanda will discuss how this is not only essential in red teaming, but in all security roles across the spectrum.