Caleb
Caleb is a seasoned cybersecurity professional, boasting over 9 years of experience in threat emulation. He specializes in various areas, including red teaming, purple teaming, penetration testing, and physical security assessments. Previously a consultant at Optiv where he obtained the OSCP, and currently serving as an Offensive Security Engineer at PayPal, Caleb orchestrates and executes red team engagements by focusing on enhancing security effectiveness through purple team engagements within both cloud and internal networks. Caleb demonstrates his ability to identify vulnerabilities and mitigate risks through active participation in bug bounty programs on platforms like HackerOne and PayPal, contributing as both a researcher and in supportive roles. Additionally, he has refined his skills through endpoint detection and response testing, further enhancing his expertise in cybersecurity. Caleb has presented the following talks:
• Blackhat USA 2024: Into the Inbox: Novel Email Spoofing Attak Patterns
• Optiv Team Summit 2018 - OSINT from the Ground Up
• Optiv Team Summit 2019 - Bypassing Windows Defender
• Optiv Team Summit 2020 - Data Security for Consulting
• PayPal ECS Conference 2021 - Anatomy of a Red Team Engagement
Session
This talk unveils previously undisclosed vulnerabilities in Microsoft Defender and Zscaler, currently under review by Microsoft and US-CERT. It explores how adversaries can bypass EDR protections without malware or exploits—leveraging native OS tools, misconfigurations, and weak self-protection mechanisms. Through real-world examples and live demos, the session will challenge assumptions about EDR resilience and reveal how simple, repeatable techniques can disable or remove endpoint security controls.