The Art of Red Teaming with Shani Peled

About The Guest: Shani is a young and talented offensive security professional who has made a name for herself in the industry. With a background in computer science and physics, she started her cybersecurity journey in the Israeli intelligence course during her military service. After gaining valuable experience in the army, she joined CYE, where she currently works as a Red Teamer. Shani is passionate about helping organizations improve their security posture and enjoys the challenge of finding unique entry points and assessing real risks. Summary: In this episode, Phillip Wylie interviews Shani, a talented Red Teamer at CYE. Shani shares her journey into the cybersecurity world, starting with her military service in the Israeli intelligence course. She highlights the importance of hands-on training and the unique skills required to be successful in the Red Team industry. Shani also discusses the challenges faced by organizations in prioritizing vulnerabilities and assessing real risks. She emphasizes the need for Red Teamers to think like real attackers and understand the crown jewels of the organizations they are testing. Shani also dives into the world of cloud security and the common vulnerabilities she encounters during cloud assessments. She stresses the importance of proper cloud migration and the responsibility organizations have in securing their cloud environments. Throughout the conversation, Shani provides valuable insights and advice for aspiring Red Teamers, emphasizing the need for passion, creativity, and a deep understanding of the IT world. Key Takeaways: Prioritizing vulnerabilities and assessing real risks is a major challenge for organizations. Red Teamers should think like real attackers and understand the crown jewels of the organizations they are testing. Misconfigurations in storing technical secrets and exposed resources are common vulnerabilities in cloud environments. Proper cloud migration is crucial, and organizations have a responsibility to understand their cloud environment and secure it. Red Teamers should focus on reconnaissance and understand the techniques behind tools to be effective in their assessments. Shani's LinkedIn: https://www.linkedin.com/in/shani-peled-28b3211a3/ CYE LinkedIn and website: https://www.linkedin.com/company/cyesec/ https://cyesec.com/