Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Instructor Spotlight: Jean-François Maes

Jean-François Maes is an instructor for SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection.

Authored byJean-François Maes
Jean-François Maes

PURPLE_Jean-François_Maes_Spotlight_Card.jpeg

Jean-François is based in Belgium where he is part of TrustedSec’s technical security team. As a senior security consultant, he provides cyber resiliency services with a focus on infrastructure-based assessments, red teaming, and social engineering.

SANS: What made you choose to work in security?

Jean-François: I used to be a system engineer but quickly realized that that was not the direction I wanted to go. I started automating a lot of boring tasks which made me have a lot of free time on my hands. The firm I used to work for had several branches and one day, we had a company get together where all branches gave more information about what they are doing in their day to day. The pentest branch presented an intro to Metasploit, and when that first meterpreter session opened, I was sold. From there on, I started studying up on network infrastructure and their weaknesses and left my sysengineering job to start working as a pentester. After being a pentester for a while, I transitioned into red teaming and later on, took on purple teaming assignments as well.

SANS: What courses do you teach?

Jean-FrançoisI teach the SANS SEC699 : Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection. I hope to one day have a 799 course as well in the future, who knows 😉

SANS: Why do you teach, research and practice information security?

Jean-FrançoisI teach because in my opinion, knowledge is useless if it is not shared. I have a strong mindset when it comes to making the (virtual) world a safer place, which is why I don’t believe in “knowledge hoarding”, when I learn something new, I tend to (over)share in an effort to make people aware of the (virtual) risks they are facing. On top of that, it brings me great joy when I teach and people come up to me afterwards and saying that they now understand something a lot better.

SANS: What tips can you provide newcomers to cyber security and offensive operations?

Jean-FrançoisBe a spunge ! (of course I do not mean that literally), What I’m trying to say is keep your mind open and never assume you know everything about everything. The infosec world is vast, there will always be people with more knowledge than you. My tip is, identify which areas of the field interest you most, find some experts in that field and try to absorb their knowledge as much as possible.

SANS: Who has influenced your information security career?

Jean-François: Tons of people have influenced my infosec career. It started of with one of my former colleagues that initially sparked my interest. Once I identified that I wanted to dig deeper into network pentests and red teaming, I quickly identified several people that I wanted to learn from, here is a long, yet not exhaustive list of people that have influenced me one way or another, you might recognize some of these names as there are some SANS instructors on the list!:

That list goes on for a significant while.. 😊

SANS: What do you want people to know about you?

Jean-FrançoisI love spreading my knowledge! I’m an avid blogger and occasional toolsmith so definitely keep your eye on my GitHub or blog site (https://redteamer.tips). In addition to that, I also dislike it when people are very arrogant, or try to profit of other peoples work (sometimes even without crediting the researchers). I’m all for knowledge sharing, but don’t come ask me how to hack Instagram/facebook because that really is not what I’m all about. Finally, #redteamfit all the way! I am an avid gym goer, I workout pretty much every day early in the morning, as it helps me clear my mind and become energized for the rest of the day!

SANS: Favorite quotes / books / music, etc

Jean-François:

I enjoy all kinds of music really, my go to’s are rap and dance though, as I use those to blast through my workouts. My favorite quote of all time is from Dwayne “The Rock” Johnson: “Blood… Sweat… Respect…, the first two you give, the last one you earn”.

Another one of my favorite quotes is: “Work hard, play harder”, in my opinion this is certainly true in infosec. It is important to unplug sometimes and have some fun.

SANS: Are you a gamer? If so, does gaming somewhat influence your approach to security?

Jean-François: I WAS an avid gamer before I started to work. Nowadays, I spent far less time in virtual game worlds than I sometimes like. But yes, being a gamer has influenced my infosec career. Much like videogames, I love infosec challenges, preferably in teaming fashion. I tend to avoid a lot of CTF’s because I can get consumed by it and forget to eat (and sleep). This is probably some remnant of my gaming past when I used to spend hours in MMORPGs such as World of Warcraft. For the CTF’s I do participate in however, I usually work to the bone on those. This is also the reason why I tend to do a lot of certifications, as they are nice challenges to prove you grasp concepts. The gamification of these things have certainly helped me evolve my skills.

SANS: Tell us about things you enjoy that people may not expect.

Jean-FrançoisIn addition to hacking and teaching, I’m also a hobbyist actor and singer. I hope that one day I’ll be able to play a role in a marvel or dc superhero movie.

Read Jean-François's full formal profile here.
Webcast: So You Want To Be A Red Teamer?

Presented by: Jorge Orchilles and Jean-François Maes

Meet the expert

Jean-François Maes
Jean-François Maes

Jean-François Maes

Certified Instructor

European director of advanced assessment at Neuvik, specializing in penetration testing, red teaming, and adversary emulation. Passionate open-source contributor with extensive experience in offensive security technologies.

Read more about Jean-François Maes
Instructor Spotlight: Jean-François Maes | SANS Institute