Active Directory, Encryption, Pen testing, Leadership, Blue team

PSW #631

0

Each year the team at Counterhack Challenges makes available the Holiday Hack Challenge. Led by Ed Skoudis, and created by some of the most talented security professionals in the industry, it is not to be missed. Tune in to hear the details, or at least some information, about this year’s Holiday Hack Challenge!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Holiday Hack Challenge

Hosts

Doug White

Doug White – Professor

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Joff Thyer

Joff Thyer – Security Analyst

Lee Neely

Lee Neely – Senior Cyber Analyst

Matt Alderman

Matt Alderman – CEO

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Ed Skoudis

Ed Skoudis – Faculty Fellow

Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well.

– What has changed in the past year with regards to penetration testing?
– What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs?
– How has the increased popularity of breach and attack simulation tools impacted penetration testing?
– Has the MITRE attack framework impacted penetration testing? If so, how?
– Many advanced penetration testers seem to be keeping their tools private as to avoid detection by endpoint security products. Is this happening, and if so what is the impact? Should we share more? Less?
– With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

The State of Penetration Testing

Hosts

Jason Albuquerque

Jason Albuquerque – CIO & CSO

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Joff Thyer

Joff Thyer – Security Analyst

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Patrick Laverty

Patrick Laverty – Security Consultant

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Tyler Robinson

Tyler Robinson – Managing Director of Network Operations

Guests

Christopher Hadnagy

Christopher Hadnagy – Chief Human Hacker

David Kennedy

David Kennedy – Co-Founder/CTO

Ed Skoudis

Ed Skoudis – Faculty Fellow

Joe Gray

Joe Gray – Senior OSINT Specialist

Tom Liston

Tom Liston – Lead Instructor

Ira Winkler

Ira Winkler – Lead Security Principal

It’s often said that attackers need only to get it right once, where defenders have to be right all of the time. Those of us who have worked in a security role as a defender know we don’t always get it right, in fact, there are often many exposures in our defenses. This segment will aim to help defenders learn tactics and techniques that are effective and try to answer some of the following questions:

– How do you prioritize your defensive efforts?
– How do you best detect attacks?
– How do you best protect against attacks?
– We always say “patch your stuff” but how often should you patch? Which systems should you patch?
– What techniques work best to defend against email phishing?
– How do you provide a “good enough” level of security for your Active Directory?
– What are the fundamentals of defense? How do they differ per environment and organization?
– How do you get management to buy-in to your security plans and spending?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Blue Team Tactics and Techniques

Hosts

April Wright

April Wright – Preventative Security Specialist

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Matt Alderman

Matt Alderman – CEO

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Tyler Robinson

Tyler Robinson – Managing Director of Network Operations

Guests

Bill Swearingen

Bill Swearingen – Cyber Strategist

Chris Kubecka

Chris Kubecka – CEO

Jason Nester

Jason Nester – CISO

Jim Nitterauer

Jim Nitterauer – Senior Security Engineer

Michael Gough

Michael Gough – Malware Archaeologist

Ron Gula

Ron Gula – President

Trent Lo

Trent Lo – Cyber Security Principal

0
prestitial ad