Skip to main content
Core Security Logo Core Security Logo
  • Contact Us
  • Support
  • All Fortra Products
  • FREE TRIALS
  • Contact Us
  • Support
  • All Fortra Products
  • FREE TRIALS
  • Cyber Threat

      Products

      • Core Impact Penetration testing software
      • Cobalt Strike Red team software
      • Outflank Security Tooling (OST) Evasive attack simulation
      • Event Manager Security information and event management
      • Powertech Antivirus Server-level virus protection
      • Product Bundles

      Solutions

      • Penetration Testing
      • Penetration Testing Services
      • Offensive Security
      • Threat Detection
      • Security Information and Event Management
    • Penetration Testing Services Security consulting services
  • Identity

      Products

      • Access Assurance Suite User provisioning and governance
      • Core Password & Secure Reset Self-service password management
      • Core Privileged Access Manager (BoKS) Privileged access management (PAM)

      Solutions

      • Privileged Access Management
      • Identity Governance & Administration
      • Password Management
    • See How to Simplify Access in Your Organization | Request a Demo
  • Industries
    • Healthcare
    • Financial Services
    • Federal Government
    • Retail
    • Utilities & Energy
    • Higher Education
    • Compliance
  • Resources
    • Upcoming Webinars & Events
    • Blogs
    • Case Studies
    • Videos
    • Datasheets
    • Guides
    • Ecourses
    • Compliance
    • All Resources
  • CoreLabs
    • Advisories
    • Exploits
    • Publications
    • Articles
    • Open Source Tools
  • About
    • Partners
    • Careers
    • Press Releases
    • Contact Us
  1. Home
  2. Blog
  3. Reflections on Ekoparty 2021

Reflections on Ekoparty 2021

Ekoparty began as an underground hacking event, but has grown into one of the foremost cybersecurity conferences in Latin America. This year was the 20th anniversary of the incredible infosec event, which takes place every year in Buenos Aires. In order to discover insights from this year’s conference, we talked with two experts from Core Security who attended, and also served as trainers at the Hackademy portion of the event.

Could you tell us a little bit about your background and your day-to-day as a cybersecurity professional and how you got involved with Ekoparty?

Ricardo:

I started reverse engineering in the mid 90's as a hobby and in 2000 I founded CracksLatinos with some friends, a group dedicated to the study of software protection and reverse engineering. The group is still active and fully functioning, teaching and learning with thousands of tutorials, as well as creating videos, holding regular meetings, etc.

Given my knowledge and practice in reverse engineering I started working at Core Security 15 years ago as an exploit writer and have been there ever since. I focus on reverse patching software, writing exploits, etc.

I first became familiar with Ekoparty when I was required to go along with the other exploit writers at Core Security. Later on, we started to give live trainings every year and I have participated ever since.

Ekoparty has even honored me with the lifetime achievement award with greats like Gerardo Richarte, Ivan Arce, and Nicolas Economou for sharing knowledge and helping those who are starting out.

Esteban:

I started with reverse engineering around 2000, removing the protections to programs out of curiosity and to entertain myself. Shortly after that, I joined the CracksLatinos group Ricardo helped to found, where I gained and shared even more reverse engineering knowledge.  Later, I became part of some "teams" on the cracking "scene."  All of this was always purely for entertainment, since I was dedicated to something totally different for my day job (I had a business).

This all changed in 2008, when I got a job offer with Core Security, and went to an interview mostly out of curiosity.  They ended up offering me the job of exploit writer and I accepted the challenge because I was excited at the prospect of working in a field that, until that moment, was purely an enjoyable pastime. From then on, I started to participate in conferences like Ekoparty, building relationships with people working in cybersecurity.

How does Ekoparty work? What were your biggest takeaways from this year’s event?

Esteban:

Ekoparty is the most valuable cybersecurity conference in Latin America that takes place over five days. It basically consists of two main segments: trainings and talks covering a vast number of cybersecurity topics.  It is attended by people from many countries, especially South American countries such as Chile, Peru, Colombia, Ecuador and Brazil. Since the pandemic, Ekoparty has moved everything online, which takes away some of the warmth. However, there are always interesting talks and trainings.

Ricardo:

Ekoparty always has a good vibe and went smoothly this year, but since it was a virtual event, it was certainly a different kind of experience. People seemed to really miss the face-to-face interactions with like-minded people. Hopefully next year it will be back to full in-person!

Were there any trends you noticed—certain topics that came up more than they have in the past?

Ricardo:

There were so many great topics, but I noticed a lot more attention on security in general and fewer topics related to exploits, bugs, and exploitation techniques than we’ve seen before.

Esteban:

Each year of Ekoparty is quite different—all the talks and trainings are very diverse and deal with a wide variety of topics. Interestingly, while all the sessions are related to security, it is not exclusively computer systems—for example there is also coverage of physical security, including trainings on lock picking.

What’s your favorite part about attending this conference?

Ricardo:

It’s typically the face-to-face trainings! This year I did online trainings, but it made me a little sad and long to do in-person sessions again.

Esteban:

I like to participate both as an instructor in some trainings, as well as attending the talks that pique my interest and curiosity.  It is also a good place to meet up with former colleagues and friends.

What kind of training takes place during the Hackademy?

Ricardo:

We take a group of people and they go through different courses on varying security topics in order for them to explore and decide which topic they like the most. It is like an orientation—from there they can decide to follow a particular course that they can also take at Ekoparty.

Esteban:

Hackademy is an academy that consists of several modules in which different topics related to security are taught, including forensics, reverse engineering, web security, ethical hacking, pen testing, information management, etc.

What advice do you have for those new to this community?

Ricardo:

I have a novel’s worth of advice! In the articles that I write, I always point out certain differences between what it was like when I began this career, when the information was more difficult or impossible to find against the present time when everything is easy to find. While this seems great on the surface, there is a downside. It creates a feeling that if you don’t find something in a few minutes on Google, it is not worth wasting time with it. Whereas before if we did not find it (which was almost always), we kept experimenting, trying things until we learned it ourselves. This persistence is something that is still so important in cybersecurity and is worth cultivating.

Additionally, now there is almost too much information! It can be overwhelming and make it difficult to know where to start. There are so many resources it can be impossible to read it all, whereas, before the information was so scarce that you grabbed what you could.

Esteban:

For anyone who wants to start in the security area, you should know that you’ll never finish learning! It can be a constant challenge, but those who are curious and persevere will be rewarded. While anyone can learn about the subject, these attributes are fundamental.

Ricardo Narvaja
Meet the Author

Ricardo Narvaja

Cybersecurity Specialist Developer
View Profile
Meet the Author

Esteban Kazimirow

Exploit Writer
Core Security, by Fortra
View Profile
Related Content
Article
Reversing and Exploiting Free Tools Series
Article
How to Deal with Microsoft Monthly Updates to Reverse Engineer Binary Patches
3 Reasons You Should Be Using SIEM
Video
Why Pen Testing is Essential in Today’s Threat Landscape

Interested in learning more about cybersecurity professionals?

CTA Text

Check out our interview with one of our other experts to find out what it's like to be a penetration tester.

READ THE BLOG
  • Email Core Security Email Us
  • Twitter Find us on Twitter
  • LinkedIn Find us on LinkedIn
  • Facebook Find us on Facebook

Products

  • Access Assurance Suite
  • Core Impact
  • Cobalt Strike
  • Event Manager
  • Browse All Products

Solutions

  • Identity Governance

  • PAM
  • IGA
  • IAM
  • Password Management
  • Vulnerability Management
  • Compliance
  • Cyber Threat

  • Penetration Testing
  • Red Team
  • Phishing
  • Threat Detection
  • SIEM

Resources

  • Upcoming Webinars & Events
  • Corelabs Research
  • Blog
  • Training

About

  • Our Company
  • Partners
  • Careers
  • Accessibility

Support

Privacy Policy

Contact

Impressum

Copyright © Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective owners.