BSidesSATX 2023

Kickstarting your in-house Red Team: Challenges and approaches
2023-06-10, 16:00–16:45, Track 1 (UC Conference Rm A)

This talk aims to help attendees address these challenges and kickstart their internal red team programs, proposing approaches to improving communication, integrating enterprise functions, and measuring program effectiveness. It covers our experiences managing a team of red team operators, helping organizations build a red team program, and what was observed in many companies trying to develop similar initiatives.


You have to build your organization’s Red Team from scratch. Where do you start? Organizations building internal red teams and penetration testing programs to keep up with the latest threats typically face three challenges: translating results to other security functions and leadership, aligning the red team program with business objectives, and demonstrating value.

This talk aims to help attendees address these challenges and kickstart their internal red team programs by:

  • Outlining challenges, positive results, and setbacks identified while building internal red team programs;
  • Proposing approaches to improving communication, integrating enterprise functions, and measuring program effectiveness
  • Discussing our experiences managing a team of red team operators, helping organizations build a red team program, and what was observed in many companies trying to develop similar initiatives.

The goal is to help attendees kickstart an in-house red team program, providing ideas to communicate with other security functions, keep red team operators engaged, and deliver meaningful outcomes aligned with the overall cybersecurity goals. After the talk, attendees should be capable of taking the first steps toward deploying a team focused on improving the organization’s security posture instead of rinse-and-repeat testing.

As an experienced Red Team leader, Daniel applies a strong background in software development and networking to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. Working in the Cybersecurity field since 2006, prominent local and international security conferences such as HOU.SEC.CON, Black Hat Regional Summit São Paulo, and the BSides São Paulo featured his penetration test research. He holds a B.Sc. in Computer Science and a M.Sc in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.

Victoria is a cybersecurity consulting manager specializing in penetration testing and vulnerability identification. With 7 years of professional experience, Victoria has helped Fortune 500 companies improve their resilience against cyber threats through red team and purple team exercises. In 2019, Victoria was a part of the team that won first place at the DEF CON 27 Biohacking Medical Device Capture the Flag competition in Las Vegas. Victoria holds a Bachelor of Science degree in Computer Science with a minor in Applied Computer Security from the University of Southern California as well as the CISSP, GPEN, GWAPT certifications.