These days, improving security is fraught with challenges. Your attack surface keeps changing. You likely have vulnerabilities hiding in assets you don’t even know exist. And convincing people to remediate vulnerabilities after you identify them is harder than it should be – oftentimes, they won’t even admit there’s a problem!
In our upcoming webinar, we'll explore how combining attack surface management with continuous pen testing can overcome these challenges. We’ll discuss the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities, and answer key questions like: What's the impact of these vulnerabilities to my organization, and how should we prioritize fixes? We'll also explore what’s driving the evolution of offensive security, why the time for continuous hacking is now, and how to focus your attention on vulnerabilities that have a real impact.
Tune in to learn how to implement a strategy that gives you confidence your attack surface is covered, and stops the internal debating and theorizing so you can focus on fixing the exposures that pose the greatest risk to your business.
Chief Innovation Officer
Paul Asadoorian is the Chief Innovation Officer at CyberRisk Alliance. He is also the founder of Security Weekly, a security podcast network providing free security information to the community and security market validation to a wide variety of security companies. Paul is the primary host to several shows, including Paul’s Security Weekly and Enterprise Security Weekly, providing the security community with valuable knowledge and insights. Paul is also a founding member of Active Countermeasures, a startup dedicated to providing reliable sources of actionable intelligence. Previously Paul has held technical (and marketing) positions at Tenable Network Security, penetration testing firms, and universities. Paul has also spent time as an instructor for The SANS Institute, an IANS faculty member and has presented at security conferences including RSA, Derbycon, Brucon, SOURCE Conference and more.
AVP of R&D
Joe brings over 20 years of experience to his role as Associate Vice President of R&D where he is responsible for nurturing a culture of innovation across Bishop Fox. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.
Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
Director of Cosmos Operations
Ori Zigindere is Director of Cosmos (formerly Cast) Operations at Bishop Fox with a background in software engineering. He works with a wide range of companies in all major industries and leads a team that helps them improve their security posture against day to day threats.
Ori believes in the value of privacy and security and helps both individuals and organizations to improve their understanding of these topics. In his spare time, he runs WorkshopCon, a company he co-founded, which helps bring together information security students and trainers for world class quality, low cost training.
Ori is an avid volunteer for local information security events in the New England area where he co-organizes Boston Security Meetup and is a board member at OWASP Boston where he is responsible for coordinating volunteers for the annual Boston Application Security Conference (BASC). Ori is a certified GIAC Web Application (GWAPT) and Network Penetration Tester (GPEN) and holds a bachelor's degree in computer science.