Shop Our Merch
Report A Breach
1-877-550-4728
Carlos Perez
Practice Lead, Research
Experience
Carlos Perez has been active in the security community since 1999 working for the Government of Puerto Rico helping secure networks and performing internal pentests. He later joined Compaq/HP where he worked as a Senior Solution Architect for the Security and Networking consulting practices covering 33 countries in Central America, South America, and the Caribbean helping customer design and to implement security solutions that helped customers meet their business needs in a secure way. Carlos also worked as the Director of Reverse Engineering at Tenable, Inc., where he was in charge of all remote code execution checks and finding zero-day vulnerabilities on products tested.
Education & Certifications
Microsoft MVP, MCSE, MCDBA, CompTia Network +, A+, Linux + an Security +
Industry Contributions
Carlos has been active in the security community presenting at conferences like DEFCON, DerbyCon, Hack3rCon, BSides and many others. He has contributed to and created many Open Source projects such as Metasploit, DNSRecon, Posh-SSH, and many others. He has been awarded the Microsoft MVP award for Data Center Management in the specialties of Enterprise Security and PowerShell for the last 4 years.
Recent Blog Posts
Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do?
All businesses operate on the principle that a certain level of trust is necessary between the business itself and the IT components that comprise its supporting infrastructure. These components include hardware and software, as well as the vendors who provide services to the infrastructure. Securing a business supply chain is a big challenge, not only...
Read
Microsoft MVP Awards 2020
Who are MVPs? According to Microsoft, “Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community.” For more information on this award, visit the Microsoft MVP Overview page. Two members of the TrustedSec team are celebrating being recipients of the award from Microsoft—and both have received the honor in...
Read
CVE-2020-0796: SMBv3 “Wormable” Remote Code Execution Vulnerability
On March 10, 2020, during its monthly Patch Tuesday, Microsoft published the advisory ADV200005 for a critical Remote Code Execution (RCE) vulnerability on Server Message Block (SMB) 3.1.1. Microsoft released the advisory after Cisco Talos accidentally published details on the same day. Both Cisco Talos and Fortinet released advisories for the vulnerabilities on their pages...
Read
Recent Webinars
Using Research to Gain Attack Intelligence
Recorded on November 4, 2020 Many penetration tests are falling short It’s becoming commonplace for penetration testers to encounter maturing products that recognize common attack patterns or post-exploitation activities. Many go-to testing tools are becoming ineffective without code modification to...
Attack Simulation TTPs: Group Policy and Audit Setting Enumeration with Carlos Perez
Recorded June 19, 2019 at 1 P.M. EST Situational awareness is key when one lands access on a target system as part of an attack simulation. Knowing what controls are present and which are likely present allows performance of a...
Webinar Series - Fundamentals of Post-Exploitation with Carlos Perez
Learn the basics of post-exploitation from advanced infosec professionals Join Carlos Perez (@darkoperator) as he shares some of the post-exploitation methodology used by TrustedSec security consultants performed during actual attack simulations. Each of the four individual webinars will focus on...
Recent Podcasts
A Route to Failure
May 23, 2022
Where Do Want to Work Today?
May 23, 2022
Opsec is Hard
May 23, 2022
