What are the effects of red team tactics on the people who conduct them as well as the people who become the targets? This follow-up session from our 2019 Firetalk will provide a previously-nonexistent Red Team Ethical Framework to guide the conduct of offensive security engagements.This new framework is the result of refining a detailed survey conducted across the wider information security community. We have over 500 respondents already who have answered questions about bribery, threats, and other potential tactics in offensive security testing to determine whether or not some things are always wrong…and while most ethical choices appear at first to be obvious, our research revealed a somewhat shocking twist which we will share with all of you.
Roy Iversen (@royiversen) is Director of Security Engineering & Operations at Fortalice Solutions, where he leads a team of security engineers and incident handlers. Prior to joining Fortalice, Mr. Iversen served under the CISO as Director of Security Operations Division at the U.S. General Services Administration (GSA).
Tarah Wheeler (@tarah) is an offensive security researcher, political scientist in the area of international conflict, and poker player. She is a Cybersecurity Policy Fellow at New America, as well as a cybersecurity expert for the Washington Post and a Foreign Policy contributor on cyberwarfare.