Pedro started working in security by doing ISO27001 audits. After almost dying of boredom, he jumped into penetration testing, reverse engineering and vulnerability research, focusing on embedded systems and enterprise software.
He is the Founder & Director of Research at Agile Information Security, a boutique security consultancy that focuses in providing hardcore technical cyber security solutions to its clients.
In his spare time Pedro hacks hardware and software and has made public dozens of remote code execution vulnerabilities resulting in 140+ CVE, and authored 60+ Metasploit exploits. He regularly participates in Pwn2Own as part of "Flashback Team", winning Pwn2Own Tokyo 2020 outright with his teammate Radek Domanski.
Founder & Director of ResearchWhat is your company/affiliation(s)? –
Agile Information SecurityWebsite (full URL) – Twitter account (full URL) – LinkedIn profile (full URL) – GitHub account (full URL) –
Q&A and discussion for the malware block, hosted and moderated by Rayna Stamboliyska. Questions will be gathered from the audience during the four prior talks.
In this talk, we will discuss common vulnerability patterns in network equipment (consumer and enterprise routers, firewalls, VPN, TLS accelerators, switches, WAF, etc).
This critical infrastructure is unfortunately a lot more vulnerable than most people believe, although its security stance has improved within the last few years.
We will go through the history of these vulnerabilities, why they occur and what should we expect to happen in the future, as exploit protections in these devices improve.