Lares Insider Threat Services

Insider threats are among the most dangerous and costly risks facing businesses of all sizes. The damage can be severe, whether it's an unintentional mistake, a disgruntled employee, or a malicious external agent compromising a trusted insider. Consequently, we at Lares safeguard your critical data, intellectual property, and reputation with comprehensive insider threat defense.

Penetration Testing

We identify and exploit real-world attack paths to validate your defenses. Additionally, this rigorous process goes beyond identifying vulnerabilities to simulating a full-scale attack

Continuous Testing

Our experts monitor your environment 24/7, detecting new threats and vulnerabilities as they emerge.

Insider Threats

We map out your true insider threat risk profile, exposing weaknesses and helping you build robust defenses.

We protect against data leaks and exploits, analyzing publicly available information that could be used against your organization.

Hardware Testing

Our team assesses your hardware devices for potential vulnerabilities, providing specialized insights into these attack surfaces.

RF Spectrum

We go beyond standard protocols, analyzing your RF spectrum to secure a wide range of communication systems.

Vulnerability Research

We proactively uncover new security flaws in various technologies, keeping you ahead of emerging threats.

Our team replicates real-world attacks on your supply chain to identify exposures and strengthen the security of your entire ecosystem.

We leverage deep cloud expertise to evaluate your cloud configurations, architecture, and security posture across major platforms.

Discover Hidden Vulnerabilities with Lares Testing and why our comprehensive testing services go beyond traditional methods.

Executives: Download Your Insider Threat Defense Guide

This comprehensive resource outlines the strategies and tactics used by advanced adversaries – and reveals how we help you outsmart them.

Discover Your Weaknesses: The Lares Insider Threat Methodology

Learn how we simulate insider attacks to expose potential vulnerabilities, test your defenses, and strengthen your security posture.

Who you will be working with:

Senior Adversarial Engineer

Aidan Mitchell

Senior Adversarial Engineer

Raúl Redondo

North America Adversarial Engineering Lead

Brendan Hohenadel

Principal Adversarial Engineer

Chris Pritchard

Lee Kagan
Senior Adversarial Engineer

Lee Kagan

Senior Adversarial Engineer

Steve Spence

Senior Adversarial Engineer

Neil Lines

Adversarial Engineer

Alden Vanderspek

Principal Adversarial Engineer

Dave Storie

Adversarial Engineer

Jonathan Wiggins

Senior Adversarial Engineer

Aidan Mitchell

Aidan has worked across both offensive and defensive security disciplines for almost a decade. This included several years in the fintech space, exposed to the rapidly changing world of DevOps, containerisation, and cloud security. His focus in recent years has been on developing effective tradecraft for targeting cloud- and SaaS-native enterprises. He works to a mantra of building before you break, spending considerable time developing, implementing, and deploying the technologies used by the industry to guarantee an intimate familiarity with the problems that clients face.

Senior Adversarial Engineer

Raúl Redondo

Raúl is a specialist in offensive security with more than 7 years of experience. While he has experience in various fields, such as web and mobile audits, social engineering campaigns and cloud pentests (AWS, Azure, GCP), he has specialized in red/purple team projects, being passionate about Windows and Active Directory. Raúl holds several certifications, including Xintra’s Attacking and Defending Azure and M365, CRTO, OSCP, OSWE, OSEP, OSWP, among others. He also serves as an associate professor in Master’s Degree in Cybersecurity and Information Security from Castilla-La Mancha University. He consistently aims to add extra value to projects by thinking outside the box. Raúl enjoys spending time with his family, practicing sports, playing video games, watching movies, and hiking.

North America Adversarial Engineering Lead

Brendan Hohenadel

Brendan got his beginning in desktop support before moving over to security, first as defense before switching sides for offensive security. His current focus is malware development and payload delivery, as well as scouring enterprise networks for vulnerabilities, misconfigurations, and loot. Brendan has a bachelor’s degree in Computer Science and CISSP, OSCP, and OSCE certifications. He has presented at DefCon416, BsidesTO, and has participated in C3X. In his spare time, Brendan enjoys practicing a variety of martial arts, reading comic books, playing video games, and gardening.

Principal Adversarial Engineer

Chris Pritchard

Chris has worked in a range of industries, most notable of which are Critical National Infrastructure (CNI), and leading edge design and manufacturing (Dyson). Doing so has given Chris a very varied array of knowledge, from penetration testing robot vacuum cleaners, to designing and testing secure ICS/OT networks.

During Chris’ time at Dyson, he was involved in developing the global security team and performing internal penetration testing. Chris was also heavily involved with securing the design of Dyson’s current and future internet connected appliances, and corresponding smartphone applications. 

Chris is an Adversarial Engineer (aka penetration tester) at Lares which involves him acting and thinking like a genuine attacker to compromise client networks. Chris’ skill set also includes Social Engineering, and he has successfully gained access into CNI, Airports and Casinos, which are regarded as some of the most secure facilities in the industry.

Chris has been lucky enough to have spoken at DefCon twice, and many different BSides’ across the country.

Lee Kagan

Senior Adversarial Engineer

Lee Kagan

Lee is specialized in research and analysis to assist organizations in assessing security controls, training customer internal offensive and defensive engineers, and security program maturation exercises and assessments. He is experienced in offensive tool development, threat hunting, detection engineering, evasion and bypass research, malware analysis, Active Directory security, Microsoft Windows internals & security, and Microsoft Azure security.

Senior Adversarial Engineer

Steve Spence

Steve is an experienced adversarial security engineer and penetration testing team leader. Having worked across multiple high-profile sectors such as, GOV, Defence, FinTech, Banking, Medical and Health Insurance, resulted in accumulating over 15+ years of security experience, spanning physical security breaches, cyber security and social engineering.

Steve regularly helps develop and deliver targeted penetration testing, scenario-based engagements, while working alongside ‘in-house’ security teams to help mature their security posture. Steve has also attained/held a number of industry recognized security certifications from the likes of ITIL, CompTIA, SANS, Tiger Scheme and GCHQ.

In addition to his day-to-day responsibilities, Steve has volunteered at well-known security conferences, such as 44Con, BSides and SteelCon in order to give back to the security community.

Senior Adversarial Engineer

Neil Lines

Neil Lines is an offensive security, red team specialist, with over ten years’ experience in performing internal, external infrastructure, web application, social engineering, and red team engagements. Before specializing in security Neil worked for over four years in IT engineering roles including desktop, networking support and design. Neil regularly performs guest lectures on penetration testing and has spoken at many security conferences. Over the years Neil has collected over nine industry recognized IT certifications from the likes of CREST, Tigerscheme, EC-Council and Cisco.

Adversarial Engineer

Alden Vanderspek

Ravenously curious, driven, and just a little mischievous, Alden began their exploration of hacking at university where they spent their free time collecting bug bounties and teaching others about security. After graduating into an on-prem Red Team, Alden developed a particular talent for compromising anything with a Linux kernel. With a passion for slinking around networks, making suspicious phone calls, and opening locked doors, Alden strives each day to push the limits of their abilities. When not behind a keyboard, Alden can be found studying classical Japanese swordsmanship, watching spooky movies, or backpacking through the Cascades.

Principal Adversarial Engineer

Dave Storie

Dave got his start in IT working as a Systems Administrator learning to deploy, manage and maintain enterprise networks before pivoting to offensive security. Dave has performed a variety of security testing throughout his career with the majority of his security career focused on conducting full scale Red Team operations. He holds OSCP and OSCE certifications and has spoken at BSides Toronto and multiple student groups in the Greater Toronto Area about working in Information Security.

Adversarial Engineer

Jonathan Wiggins

Jonathan, an inquisitive security enthusiast and penetration tester with over two decades of technical experience, has dedicated the past decade and more to managing, securing, and skillfully navigating through network infrastructure, web applications, servers, and workstations. During this time, he played a pivotal role in leading internal Bug Bounty, Purple Team, and Pentesting programs. His expertise extends to direct experience in pentesting medium to large organizations, covering Network, Active Directory, Azure/AAD, Web Application/API, and social engineering engagements.

LABS BLOG: All about Insider Threats

Explains insider threat assessments: what they are, who benefits, and how they simulate real-world threats by using existing tools within your network for a more realistic assessment.

LABS BLOG: Insider Threats vs Penetration Testing

Understand the difference between insider threat assessments, which simulate a malicious employee within your network, and red team engagements, which test your overall security posture against external attacks, to choose the right security testing solution for your organization.

LABS BLOG: Insider Threats vs Red Teaming

This post clarifies the distinctions between insider threat assessments and red team engagements, highlighting differences in initial access, duration, and resources, while emphasizing their shared goal of evaluating your organization's ability to detect and respond to skilled adversaries.

Some of our Delighted Customers

"The expertise and professionalism that Lares' Purple Team brings to the table are unmatched. We will definitely be bringing them back for future engagements."
Benjamin Vaughn
SVP & CISO, Hyatt
"They wanted to see us succeed as much as we wanted to see us succeed. This is why, 10 years later, we are still having this conversation."
Jeffrey Hecht
(Former) Chief Compliance & Security Officer, The Word & Brown Companies
"The biggest benefit of having a Lares vCISO is getting guidance on how to tackle security issues and determining a realistic approach on how to address them."
Andrew Casceillo
Corporate Director of Technical Services, Ulbrich Stainless Steel and Speciality Metals Inc.

CASE STUDY: Word & Brown

Using a culture of security as a baseline, Word & Brown achieved compliance because of its security journey — not in spite of it.

Looking for something else?

Empowering Organizations to Maximize Their Security Potential.

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing, and coaching since 2008.

15+ Years

In business

600+

Customers worldwide

4,500+

Engagements

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Email Us

©2024 Lares, a Damovo Company | All rights reserved.

Error: Contact form not found.

Error: Contact form not found.

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.