Carlos Perez

Practice Lead, Research

Experience

Carlos Perez has been active in the security community since 1999 working for the Government of Puerto Rico helping secure networks and performing internal pentests. He later joined Compaq/HP where he worked as a Senior Solution Architect for the Security and Networking consulting practices covering 33 countries in Central America, South America, and the Caribbean helping customer design and to implement security solutions that helped customers meet their business needs in a secure way. Carlos also worked as the Director of Reverse Engineering at Tenable, Inc., where he was in charge of all remote code execution checks and finding zero-day vulnerabilities on products tested.

Education & Certifications

Microsoft MVP, MCSE, MCDBA, CompTia Network +, A+, Linux + an Security +

Microsoft MVP badge

Industry Contributions

Carlos has been active in the security community presenting at conferences like DEFCON, DerbyCon, Hack3rCon, BSides and many others. He has contributed to and created many Open Source projects such as Metasploit, DNSRecon, Posh-SSH, and many others. He has been awarded the Microsoft MVP award for Data Center Management in the specialties of Enterprise Security and PowerShell for the last 4 years.

Recent Blog Posts

CVE-2020-0796: SMBv3 “Wormable” Remote Code Execution Vulnerability

By Carlos Perez
In Research
On March 10, 2020, during its monthly Patch Tuesday, Microsoft published the advisory ADV200005 for a critical Remote Code Execution (RCE) vulnerability on Server Message Block (SMB) 3.1.1. Microsoft released the advisory after Cisco Talos accidentally published details on the same day. Both Cisco Talos and Fortinet released advisories for the vulnerabilities on their pages...
Read

Why We Are Launching the TrustedSec Sysmon Community Guide

By Carlos Perez
In Application Security Assessment, Architecture Review, Business Risk Assessment, Organizational Training, Penetration Testing, Policy Development, Research, Security Testing & Analysis, Training
Today we are excited to announce the launch of the TrustedSec Sysmon Community Guide. This guide is intended to be a one-stop shop for all things Sysmon. Our goal for the project is to help empower defenders with the information they need to leverage this great tool and to help the infosec community spread the...
Read

Targeted Active Directory Host Enumeration

By Carlos Perez
In Research
Current Problem When working in an unknown network, some of the most important pieces of information to have are appraisals of current assets and information contained on them. This is important for any security professional, from tester to defender. Given the prevalence of Active Directory (AD) in most Windows environments, gaining a clear inventory of...
Read
View all posts from Carlos

Recent Webinars

Attack Simulation TTPs: Group Policy and Audit Setting Enumeration with Carlos Perez

Recorded June 19, 2019 at 1 P.M. EST Situational awareness is key when one lands access on a target system as part of an attack simulation. Knowing what controls are present and which are likely present allows performance of a...
Watch

Webinar Series - Fundamentals of Post-Exploitation with Carlos Perez

Learn the basics of post-exploitation from advanced infosec professionals Join Carlos Perez (@darkoperator) as he shares some of the post-exploitation methodology used by TrustedSec security consultants performed during actual attack simulations. Each of the four individual webinars will focus on...
Watch
View all webinars from Carlos

Want to work with Carlos Perez or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us