“Some really smart penetration testers I know would probably get bored if they realized how much tedious recon and planning goes into a red team campaign.”
Hi! My name is Tim MalcomVetter. I started using, building, and breaking computers in the 1980s as a kid and started getting paid for it in 2000. Along the way, I’ve:
- Consulted with Fortune 500s
- Hacked mainframe sockets to web APIs, fuel pumps to mobile apps
- Led e-commerce dev teams
- Deployed enterprise security solutions
- Made plenty of mistakes
Currently, I’m quite fortunate to run a great red team program at the world’s largest company, simulating adversaries across five continents with fantastic teammates I’ve been able to recruit/retain (hobby and career aligned)!
How did you get your start on a red team?
Right place, right time, right skills, right attitude. I like to think that red teaming really pulls in all the skills I’ve learned from every job I’ve ever had—in security or otherwise. I don’t think I can downplay any past experiences as not playing a role in my ability to get my career where it is—including part-time retail jobs in high school and college. I’m the sum of those experiences.
I also have to acknowledge how being a trusted advisor to an important client was a major contributing factor in my career. I was in the right position to help an organization grow ...