Red Team
Unlike the distributed world where microservices run in containers on multiple different hosts, in the mainframe world everything is typically run from only a handful of LPARs. As a result, mainframes have a much larger network footprint directly correlating to their threat landscape. This talk will walk through network service enumeration, demonstrating a typical z/OS blackbox network pentest and how easy it is for attackers to go from zero access to complete LPAR compromise. Using a variety of examples, attendees will gain a better understanding of the risk of exposed network services. Live demonstrations of our attack techniques will be shown using open source and freely available tooling, allowing you to conduct this testing yourself.
David M. N. Bryan is a seasoned hacker and security professional with over 25 years in the information security space. Currently at NetSPI, David specializes in penetration testing across a broad range of technologies, including mainframes, ATMs, storage systems, IoT devices, payment systems, and more.
David’s career spans both offensive and defensive security roles—from securing a top ten bank’s infrastructure to helping protect the DEF CON network. A long-time DEF CON goon, he’s contributed to the community for decades and brings deep expertise in areas such as embedded systems, network and wireless security, web application testing, and physical security.
He has shared his knowledge at major security conferences including Black Hat, DEF CON, ToorCon, LayerOne, ToorCamp, BSides, and AppSecUSA, among others. Most recently, David was part of the NetSPI Mainframe team that took first place in the Capture the Flag competition at the Share 2025 Mainframe Conference in Washington, D.C.
We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!
