“Red teams are different because each organization has unique needs, which is why each job should be described in the scope of work.”

Twitter: @KevinFigueroa

Kevin Figueroa is a passionate hacker and cybersecurity researcher. As a seasoned practitioner with 10+ years and vast, broad knowledge in cybersecurity, he has consulted in government, private, and public sectors. He focuses his discipline on network and web application penetration testing and vulnerability and risk assessments. Kevin’s never-ending passion for learning different coding languages, threat research, lockpicking, and reverse engineering has led him to be a speaker at several conferences like DEF CON and InfoSec Connect; he is also a cofounder of the DCNYC Group, a monthly hacker meetup in New York City, and a cofounder of Unallocated Space, a hackerspace in Maryland.

How did you get your start on a red team?

I got started with red teaming several years ago, yet it feels so long ago. It took many years to acquire all the different skill set needed to be a great red teamer. Over the years, acquiring skills in networking, firewall, IDS, packet crafting, wireless, social engineering, lockpicking, mobile, and intricacies within different operating systems is fundamental to the red team. Of course, the major skill for red teaming is penetration testing, and I’ve conducted penetration testing ...