TECHNOLOGY MEETS SECURITY
History of Lares
Lares were protector deities in ancient Roman culture; members of the family that had elected to forgo the afterlife and spend eternity safeguarding the future. They were devoted to observing, protecting, and securing all aspects of their extended family’s lives and livelihoods. The Romans counted on Lares to always be ready, guiding them to wisdom and safety.
The Lares Team
Chris and Eric founded Lares®, and assembled the Lares Team, to help assess and improve your security posture, in a way that allows you to make informed choices about how to protect what matters most, and build a bridge between where you are, and a more secure enterprise.
Chris Nickerson, CEO of Lares, has spent the last 23 years of his career leading, inspiring, and sometimes irritating, the security industry. With Lares co-Founder Eric M. Smith, he created the unique methodology used at Lares to assess, implement, and manage information security realistically and effectively. Collaborating with a group of other InfoSec researchers, he founded the Penetration Testing Execution Standard (PTES), and is working with the Red Team Alliance Training Collective to create a certification for Red Team Testing.
He is one of the founders of the Security BSides conferences, he’s been a keynote, speaker, and/or trainer at more than fifty InfoSec conferences worldwide, including DEFCON, CyberWeek, and BlackHat. He’s a member and certification holder with ISACA, on the board of CREST, and holds CISSP, CISA, BS7799, and NSA IAM certifications.
His book, Red Team Testing, is upcoming from Elsevier/Syngress. And despite all that, he is perhaps best known for his appearance on the TV show Tiger Team on TruTV, and his TED Talk, Hackers are all about curiosity, and security is just a feeling.
Eric is a 20-year veteran of the Information Security industry. He holds a bachelor’s degree in Information Systems Security and maintains active CISSP and CISA certifications. Along with Chris Nickerson, he helped create the Penetration Testing Execution Standard (PTES). Prior to working at Lares®, he founded Full Protocol, and worked as a senior security consultant and analyst at a major utility, technology, and energy companies. He’s spoken and/or taught at DEFCON, Security BSides, DerbyCon, HackCon, Infosec World, ShakaCon, DakotaCon, and other worldwide conferences.
Felipe’s core skills involve web application, API, infrastructure, compiled application, and hardware/IoT penetration testing, with a good understanding of cryptography, electronics, and “the binary world”. He has a BSc in Computer Science, and an MSc in Cyber Security and Forensics, as well as OSCP and OSCE, among others. He enjoys finding creative and sometimes overly engineered solutions to challenging problems.
Alex is an Information Systems Security Graduate and knew he would end up in a penetration testing or Red Team role ever since the concepts were introduced to him. He has experience with a variety of assessments and adversary scenarios. When he isn’t in someone else’s network, he enjoys learning and preparing for the next engagement by researching the latest and greatest techniques and loves nothing more than a practical attack that he can put to good use. Outside of security, he enjoys traveling and restoring old cars.
Dave spent nearly a decade as a Systems Administrator learning to deploy, manage and maintain enterprise networks before pivoting to offensive security. Dave has always been passionate about information security, recently serving as a Red Team Operator on an internal team before joining Lares.
Dave holds OSCP and OSCE certifications. When he’s not in front of a computer screen or reading a technical book, Dave enjoys spending time with his family, playing drums, and cooking.
Thomas delicately slices open mobile apps like a fine cheese. When he’s not experimenting with cloud orchestration and web frameworks, he’s running marathons and riding the wakeboard.
Eric has been doing consultative selling and account management for 22 years, with 12 of those years in the information
technology sector. He is experienced in data center managed services, internet service, managed security services, and IT security audit services and creating sound business continuity and resilience strategies for mid-market and small businesses.
He is also experienced in compliance frameworks, network testing, policy and procedure oversight, pillars of security program development, and security risk management. Eric’s Early background includes account management, inside sales support, help desk support, scheduling/service coordination, analyst and project management, product/services management, and quality assurance.
Eric holds a Bachelor of Science (BSc) in Environmental Management Systems from Louisiana State University.
Brendan got his beginning in desktop support before moving over to security, first as defense before switching sides for offensive security. His current focus is malware development and payload delivery, as well as scouring enterprise networks for vulnerabilities, misconfigurations, and loot. Brendan has a bachelor’s degree in Computer Science and CISSP, OSCP, and OSCE certifications. He has presented at DefCon416, BsidesTO, and has participated in C3X. In his spare time, Brendan enjoys practicing a variety of martial arts, reading comic books, playing video games, and gardening
Teresa joined Lares in February 2018, as a certified project manager and brings with her more than 12 years’ experience in the IT/IS and healthcare industries.
She excels in establishing excellent working relationships with clients, employees, vendors, and contractors. Teresa is highly adaptable and focused on results, with a proven record of achieving successful projects that meet budget, schedule, and scope.
A big believer in giving back to the community, she volunteers for Whiz Kids Tutoring, Denver Rescue Mission, and Cornerstone Church.
Albert joined the Lares team in February 2021 after spending the first 6 years of his career in analyst roles with a focus on accounting, business process, and software implementation. His work experience includes multiple industries – including supply chain and logistics, real estate development and construction, and SaaS. In each role, there was always a gravitational pull that connected Albert to optimizing systems and processes. In his free time, he can be found in the outdoors or with loved ones.
Mark Arnold has a 15+ cybersecurity career, serving 8 of those years in leadership roles. As a transformational leader, Mark has built security teams and programs, authored maturity model blueprints to optimize risk management processes, and implemented security domain practices at large enterprises and service providers. Mark’s areas of interest include cloud security, threat intelligence, and vulnerability research, nation-state attack methods and related activities (e.g. information operations and disinformation campaigns) and their collective impact on nations and society. Mark recently completed an executive education cohort on the intersection of cybersecurity and technology at Harvard’s Kennedy School.
Mark also commits time to the security community as an OWASP chapter and InfoSecWorld board member, among others. He holds industry certifications and has satisfied his intellectual curiosity with earned degrees from Stanford (BSEE), Princeton Seminary (Mdiv), and Harvard University (AM, Ph.D.). He is a former competitive gymnast and an ordained minister but, most importantly, cherishes his role as a husband and dad who thrives on hugs.
Josh is a software engineer turned hacker who enjoys spending time dissecting web applications and making them bend to his will. He holds multiple certificates from Offensive Security and a bachelor’s degree in Computer Science from UC Berkeley. In his free time, he can be found playing video games, riding skateboards, or hanging out at the beach with his family.
Louai started his career hunting cybercriminals as Threat Hunter at Bell Canada before transitioning into his current role as an Adversarial Collaboration Engineer at Lares. He specializes in purple teaming, detection engineering, threat hunting, and incident response. An avid programmer, Louai loves to automate everything at work (much to the merriment and jubilation of his teammates) and in life (as proof, he uses an electric toothbrush).
Louai also loves solving problems with data and common sense and is a big Jupyter ecosystem enthusiast. Finally, Louai believes in giving back to the cybersecurity community by contributing to meetups and events such as ISSessions, C3X, and SecTor. Outside of work, Louai loves to dance, travel, listen to music, write poetry, play poker, and hang out with his outrageously beautiful but undeniably annoying friends whom he loves very, very much.
Luke considers himself a generalist hacker and loves to get involved with anything related to breaking security controls. Over the years, he has experienced a wide range of scenarios that have led to tearing apart different technologies and finding their flaws. If he had to pick one area of particular interest, it would be AppSec. Luke has a bachelor’s degree in Ethical Hacking, as well as certifications from the likes of CREST, AWS, and Offensive Security. He also likes to give time to the infosec community and provides free educational content on YouTube. Outside of security, he likes to partake in running events and drink a lot of coffee.
Ben got his start in computer repair before working his way into IT Support and Network Administration. He spent roughly eight years working in the retail, energy, and healthcare sectors before discovering the world of offensive security. Ben jumped in with both feet aggressively pursuing and achieving the OSCP and never looked back.
Ben has 6 years of collective penetration testing experience with a focus on external and internal engagements. His current interests have been learning more about testing cloud infrastructure. In his free time, Ben enjoys spending time with his family, hitting the gym, and pursuing his plethora of geeky hobbies such as tabletop gaming, miniature painting, etc.
Andy is a hacker at heart, a penetration tester, and a consultant who has always been interested in taking things apart and sometimes even putting them together again (in fact, he spent a good few years in computer repair and data recovery). He is passionate about offensive security and specializes in red teaming and simulated attacks. He also is striving to further defensive technologies better to assist clients with their technological and strategic issues. Andy has a bachelor’s degree in Digital Security, Forensics, and Ethical hacking and CRTO and OSCP certifications. He also helps out at DEF CON as a SOC Goon each year (since DC25), assisting the SOC with operations and people flow.
Nick is an enthusiastic sales professional with over 15 years of customer service experience. Nick came to Lares after spending the past 6 years facilitating the development and implementation of standard sales and customer service practices for one of the world’s largest electric vehicle manufacturers, where he was named the #1 customer experience specialist in North America for multiple years. Nick specializes in administrative technology and is responsible for educating other employees on using progressive systems and applications, including mass communication software and organizational apps.
Nick is a powerful force in the workplace and uses his positive attitude and tireless energy to exceed customer expectations and provide excellent service. He is passionate about developing and maintaining strong relationships centered on trust with each client.
Outside of work, Nick enjoys traveling with his wife, hanging out with family and friends, and being a beach bum.
Chris has worked in a range of industries, most notably Critical National Infrastructure and leading-edge design & manufacturing. This has given Chris a varied array of knowledge, from designing secure Industrial Control System networks, to penetration testing robot vacuum cleaners.
He has been dedicated to a wide range of penetration testing for the last 8 years, specializing in social engineering and industrial control systems. His most notable “break-ins” have been airports, casinos, and critical national infrastructure (CNI).
Andrew Hay is a veteran cybersecurity executive, strategist, industry analyst, data scientist, threat and vulnerability researcher, and international public speaker with close to 25 years of experience across multiple domains. He prides himself on his ability to execute security strategy without neglecting business objectives and the needs of its customers. Andrew is the author of multiple books on advanced security topics and is frequently approached to provide expert commentary on industry developments. He has been featured in publications such as Forbes, Bloomberg, Wired, USA Today, and CSO Magazine.
Amanda has been a senior executive at oil and gas companies for the last 18 years before transitioning into cybersecurity. She started her career in Calgary, Canada, and has worked throughout North America, the Middle East, and North Africa. During her career, she has been a founding member of numerous oil and gas companies specializing in finance and operations. She is a great paper pusher, mother of two fur babies, and a crazy Canadian who has traveled and worked around the world.
Darryl has over 20 years of experience in the IT security sector, having been responsible for developing, managing, and assessing information security programs for all levels of enterprise and government-level organizations.
He has spoken at multiple conferences such as Security BSides St.John’s and GoSec. He also sits on the Board of Directors for AtlSecCon and is the former lead organizer for Security BSides Cape Breton.