The State of Penetration Testing – PSW #631
Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well.
- What has changed in the past year with regards to penetration testing?
- What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs?
- How has the increased popularity of breach and attack simulation tools impacted penetration testing?
- Has the MITRE attack framework impacted penetration testing? If so, how?
- Many advanced penetration testers seem to be keeping their tools private as to avoid detection by endpoint security products. Is this happening, and if so what is the impact? Should we share more? Less?
- With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test?
Guests
Chris possesses more than 17 years of experience as a practitioner and researcher in the security field. The author of three (soon-to-be four) best-selling books, he also teaches three distinct international courses. Chris has trained various branches of the government, including the United States Special Operations Command and the Federal Bureau of Investigation. Additionally, Chris has debriefed dozens of general officers and government officials inside the Pentagon on social engineering and its effect on the United States.
David Kennedy is a Faculty member at IANS Research and Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including ‘The Social-Engineer Toolkit’ (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.
Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.
Joe Gray, a veteran of the U.S. Navy Submarine Force, is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. By day, Joe is a Senior Investigator at SpyCloud in addition to being the Founder and Principal Instructor at The OSINTion.
As a member of the Password Inspection Agency, Joe has consistently performed well in Capture the Flag events, specifically those involving OSINT. Examples include 2nd Place in the HackFest Quebec Missing Persons CTF and Winning the TraceLabs OSINT Search Party during DEFCON 28 and DEFCON 29. Independently, Joe placed 4th in the DerbyCon OSINT CTF and 3rd in the National Child Protection Task Force Missing Persons CTF.
Joe has contributed material for a variety of platforms such as Forbes and Dark Reading in addition to his platforms. Joe has authored the OSINT tools DECEPTICON Bot and WikiLeaker in addition to the forthcoming book, Practical Social Engineering, due in late 2021 via NoStarch Press.
Tom Liston is a Lead Cybersecurity Instructor at Dark Matter, a security consulting firm in the UAE. He is also a Handler for the SANS Institute’s Internet Storm Center and co-author of the book Counter Hack Reloaded. In the past, he worked as the Principal Information Security Architect for Warner Brothers and spent 10 years as a Senior Security Consultant with InGuardians, Inc. – performing high-end penetration tests against Fortune 500 companies.
Ed Skoudis is a Faculty member at IANS Research and the founder of Counter Hack, a company focused on conducting ultra high-quality penetration tests and red team engagements to help organizations better manage their cyber risks. Ed is a SANS Fellow, author, and instructor who has trained over 20,000 cyber security professionals in the art of penetration testing and incident response. Ed is an expert witness who is often called in to analyze large-scale breaches.
Hosts
