Denver 2018

Denver, CO | Mon, Oct 15 - Sat, Oct 20, 2018
This event is over,
but there are more training opportunities.

Everyone Wants to be a Pen Tester

  • Serge Borso
  • Wednesday, October 17th, 7:15pm - 8:15pm

Get paid to hack ATMs, compromise credit cards and social engineer unsuspecting victims to part with their credentials! Sounds fun right? Don‚t forget your cyber insurance policy‚¶and your signed authorization, and the 45 page report, the sixteen meetings and daily calls with your client and avoiding the ensuing outage you will cause when you make a mistake. The stakes are high, the pressure is real and the work is hard, but don‚t let anyone dissuade you from embarking on the mission. This presentation will highlight the effort it takes, some caveats and requirements for an audience considering this path or wanting to learn more about the behind the scenes work it take to orchestrate a successful penetration testing engagement and career.

Speaker Bio: Serge Borso is the owner and principal consultant of SpyderSec and a SANS Community Instructor. He is an active member in the information security community and has consulted with dozens of organizations to improve their security posture. He has previously developed enterprise vulnerability management programs, created security awareness training solutions and worked to implement a transparent biometric security system for over one million unique online banking users to help combat fraudulent transactions. Currently Serge leads penetration testing engagements and is responsible for the vision, strategy and product/service offerings of SpyderSec.

Serge has lead a number of private training events and presents regularly at public speaking engagements; with the SANS Institute he teaches SEC542: Web Application Penetration Testing and Ethical Hacking. Serge earned his Master's Degree in Computer Systems Security from Colorado Technical University and holds several security certifications including: CISSP, GPEN, GCFA and GWAPT.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, October 15
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, October 15th, 8:00am - 8:30am Special Events
OODA Security: Taking Back the Advantage Kevin Fiscus Monday, October 15th, 7:15pm - 9:15pm Keynote
Tuesday, October 16
Session Speaker Time Type
Automate Post Exploitation with PowerShell Empire Nick Wiebelhaus Tuesday, October 16th, 7:15pm - 8:15pm SANS@Night
Adversary Emulations - Taking Attack Models and Penetration Testing to the Next Level Jorge Orchilles Tuesday, October 16th, 8:15pm - 9:15pm SANS@Night
Wednesday, October 17
Session Speaker Time Type
Everyone Wants to be a Pen Tester Serge Borso Wednesday, October 17th, 7:15pm - 8:15pm SANS@Night
Malware Analysis - Code of Conduct Anuj Soni Wednesday, October 17th, 8:15pm - 9:15pm SANS@Night
Thursday, October 18
Session Speaker Time Type
State of the Dark Web Matt Edmondson Thursday, October 18th, 7:15pm - 8:15pm SANS@Night