Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Bishop Fox at BSides Mexico 2025

Date:
Friday, July 18, 2025
Location:
BSides Mexico | Mexico City, MX
Cartoon mascot holding BSides CDMX 2025 conference sign with bold CONFERENCE text in background.

We're proud to support our community in Mexico as a Silver Sponsor of BSides Mexico City 2025! Join Bishop Fox consultants throughout the day for hands-on workshops and real-world insights covering cloud security, mobile app bypass techniques, and lessons from high-stakes incident response cases.

Workshop: Cloud Pentesting 101 – How to Survive in the Clouds

Speaker: Juan Jasso, Security Consultant II

Time: 11:00 AM – 1:00 PM EST

Kick off your day with a hands-on, beginner-friendly workshop on cloud security assessments. Juan Jasso will walk attendees through identifying and exploiting vulnerabilities in a custom AWS environment using the Cloudfoxable learning platform and Cloudfox, Bishop Fox’s open-source cloud enumeration tool.

What You’ll Learn:

  1. Core concepts of cloud security testing
  2. Using Cloudfox and Cloudfoxable in assessments
  3. Common misconfigurations and how attackers exploit them
  4. Hands-on practice through real-world challenges

Whether you're just getting started in cloud security or want to sharpen your skills, this session is for you.

Workshop: Burning Down the Walls – Bypassing Security Methods on Android and iOS

Speakers: Luis de la Rosa & Steeven Rodriguez, Bishop Fox

Time: 1:00 PM – 3:00 PM EST

In this advanced mobile security workshop, Luis and Steeven will demonstrate how to identify and bypass root and jailbreak detection mechanisms on Android and iOS. Attendees will explore both manual and automated techniques using tools like Objection, and learn how to script their own bypasses while understanding the underlying technologies.

What You’ll Learn:

  1. Techniques for bypassing root/jailbreak detection
  2. Using Objection and scripting custom bypasses
  3. How mobile apps implement (and fail at) these controls

Talk: Looking Back, Containing Chaos – Lessons from Real-World Intrusions

Speaker: Abdel Bolivar, Bishop Fox

Time: 6:00 PM – 7:00 PM EST

Wrap up the day with Abdel Bolivar as he walks through high-impact incidents he’s investigated—from attacks on financial systems to cryptojacking campaigns in enterprise networks. This session distills key lessons on detection gaps, response missteps, and what defenders got right during critical moments.

What You’ll Learn:

  1. Real-world case studies including the SPEI compromise and ATM fraud
  2. Common pitfalls in detection and response
  3. Practical takeaways for improving your incident response playbook
Bfx25 Juan Jasso

About the speaker, Juan Jasso

Security Consultant II

Juan Jasso is a Security Consultant II at Bishop Fox, specializing in offensive security and cloud penetration testing. Active in cybersecurity since 2017, he’s honed his skills on platforms like TryHackMe, Hack The Box, and Offensive Security.

He has delivered pen testing services to both Mexican and global clients and has competed in the Hackmex tournament, representing National Autonomous University of Mexico (UNAM) with Team PumaHat and Bishop Fox with the Vicious Interns. Juan is currently completing a Computer Science degree at UNAM.

More by Juan
Bfx25 Steeven Rodriguez

About the speaker, Steeven Rodriguez

Senior Adversarial Operator

Steeven Rodriguez is a Senior Adversarial Operator on the Cosmos team at Bishop Fox, where he specializes in advanced offensive security engagements and continuous threat emulation. His work spans penetration testing across network, web, and mobile applications for clients in various industries, including finance, healthcare, and technology.

Steeven is an active contributor to the InfoSec community, regularly attending cybersecurity conferences and competing in CTF competitions. He has hosted hands-on workshops on mobile application penetration testing at events such as Security BSides CDMX and HackGDL, where he shares insights on exploiting mobile vulnerabilities and secure mobile development practices.

More by Steeven

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.