Jean Marie-Bourbon
Bourbon Offensive Security Services | BOSS, @kmkz_security
Jean-Marie Bourbon is an offensive security expert and founder of Bourbon Offensive Security Services | BOSS.
Convinced that strong defense can only emerge from realistic offense, he has been active in offensive security since 2005, with hands-on experience ranging from consulting engagements to leading offesnsive security teams within a large organization in Luxembourg.
His background includes years of consulting work in Europe and international assignments across multiple countries, covering diverse technical and business contexts.
He has published security research, including vulnerability disclosures and 0-day exploits, and regularly shares field experience through talks and trainings worldwide.
Former baker turned hacker, he now focuses on realistic end-to-end attack scenarios, red teaming, and purple team engagements, continuing his international work through BOSS.
Offense for Defense !
talks & Q&A
Real-world banking fraud: challenge accepted !
Description
Most people still imagine financial fraud as something that requires 0-days, or “elite exploits”.
In reality, the most effective fraud scenarios often emerge when technical meets business logic and trust assumptions.
Infrastructure compromising and application architecture abuses require strong technical skills, but real impact comes from understanding how financial environments and systems actually work.
In this talk, we step away from the traditional security assessment mindset and adopt a true threat-actor perspective, combining technical expertise with banking and business knowledge.
Based on real-world engagements with a very explicit objective, “validate whether an end-to-end banking fraud is possible”, we will show how legitimate features, application design choices, and trust relationships can be chained into realistic, high-impact fraud scenarios.
No exotic exploits, no D.A and 0 theory: just TTPs that actually works to achieve the fraud objectives.
Challenge accepted!
