Larry Pesce

Penetration Testing in a Pandemic: Tales From the Socially Distant Shadows


BIO

Larry Pesce is the Director of Research and Development and Principal Managing Security Analyst with InGuardians. His history with hardware hacking began with the family TV when he was a kid, rebuilding it after it caught on fire. Both times. Later, as a web developer for a university in the early days of the Internet, he managed some of the first Layer 3 switched networks in the world. His core specialties include hardware and wireless hacking, architectural review, and traditional pentesting, often in the financial, energy, and healthcare sectors. On the managerial side, he makes sure all the wheels are still on the ground, going over reports, and leading up research efforts, concentrating especially on IoT. Larry also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides and holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has is a certified instructor with SANS, training the industry in advanced wireless and Industrial Control Systems (ICS) and IoT hacking. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

ABSTRACT

It has been a long year distanced from people and our customers. As a result of that physical separation, we’ve had to think about how we could engage with our customers differently: from delivering technical penetration tests for internal networks, WiFi, physical and Red Team assessments, to how we communicate before, during, and after engagements. How do you conduct in person business when you can’t be in person? We want to share what we learned, both technical and process to keep our team and customers safe, and how we ultimately made what we do better. When we learned and improved we also had a lot of fun along the way with some tales of successes, mistakes and other folly.