44 min listen
53: Offensive security at Meta’s Red Team X
ratings:
Length:
42 minutes
Released:
Jun 29, 2023
Format:
Podcast episode
Description
Red Team X is a security team at Meta that is responsible for finding and exploiting vulnerabilities in third-party products that could impact Meta's own security. The team acts as a hybrid between a traditional red team, which focuses on probing their own organisation's systems and products for vulnerabilities, and an elite bug-hunting group. The team was founded by Vlad I. in 2020 when the pandemic and the sudden shift to Work From Home challenged various previously-held assumptions about security. In his discussion with Pascal, Vlad explains the roles of different security teams within Meta, how they go about prioritising the highest-impact targets to exploit and how they work with vendors to ensure not just Meta but the entire world benefits from the fixes produced. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links: The Diff episode about Velox: https://thediffpodcast.com/docs/episode-17 Risky Business Podcast: https://risky.biz/ RTX Blog: https://rtx.meta.security RTX Disclosures: https://rtx.meta.security/bugs RTX in WIRED: https://www.wired.com/story/facebook-red-team-x-vulnerabilities/ Timestamps: Intro 0:06 Vlad Intro 1:55 Red Teaming 2:43 Staying up-to-date 6:34 Different team colours 10:02 Defence-in-depth 12:44 Red Team X 15:57 Hardware v Software 19:43 Focus areas 21:29 Prioritising requests 22:44 Notable RTX Disclosures 26:05 Vulnerability disclosure policy 28:52 Getting into offensive security 38:48 Outro 40:51
Released:
Jun 29, 2023
Format:
Podcast episode
Titles in the series (67)
7: Performance and Instrumentation with Ariane: In this episode, Ariane joins for an in-depth conversation about performance logging. With more than 10 years focusing on this problem, Ariane moved from Facebook Seattle to Facebook London and started a team with other engineers that are as... by Meta Tech Podcast