Ever steal a Boeing 777? How about transfer more than $400,000,000 from an account? Have you ever had one of those bad days where one wrong press of the “enter” key accidently broadcasts an emergency message to the radio station asking an entire city to evacuate? The real destruction of a business doesn’t come from a shell, a picked lock or a simple lie. The REAL threat is when all of the disciplines are combined and the only thing left in the crosshairs is the BUSINESS itself. Red Teaming is not a process of finding “A” vulnerability, but showing how flaws at EVERY level of the program combine to cause devastating effects to the company (or the tester =) ). After 15 years in the Red Teaming, Pen Testing and Security Testing Business, I have had some of the weirdest things happen. In this 50 min story time, I plan to go over our methodology, some of our BEST and WORST moments on the job, tips/tricks we picked up along the way and hopefully we can have a few laughs at our (mis)fortune(s).