Star 0


The landscape of offensive security research has changed significantly since the mid-90's when it just started moving out of the underground and into the professional security world. We can divide its history into three periods based on two landmark events a decade apart: the first BlackHat Briefings conference in 1997 and the first USENIX Workshop on Offensive Technologies in 2007. As I have been involved in offensive security research through much of this timeline, I'll share some perspectives on how the targets, research, and mindsets have changed across these periods. I'll also discuss how to best put offensive security research to work to help guide security engineering. Finally, I'll conclude with some thoughts on what offensive security research will look like 10 years from now.