The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we’re going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching “PCI” context to this discussion. Visit https://www.securityweekly.com/scw for all the latest episodes!
Dmitry’s Bsides Boston talk, “Don’t End Up With a Pencil: Tips for Shopping Pen Tests” – https://youtu.be/Wr4UxdUa2aI
Jeff’s talk, “Do We Still Need Pen Testing?” from CircleCityCon 2015 – https://youtu.be/R13Bo8l9M5M
NIST SP800-115, Technical Guide to Information Security Testing and Assessment” – https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf
The Penetration Testing Execution Standard (PTES) – http://www.pentest-standard.org/index.php/Main_Page
PCI Security Standards Council’s Penetration Testing Guidance https://www.pcisecuritystandards.org/documents/Penetration-Testing-Guidance-v1_1.pdf?agreement=true
We’ll continue our discussion of penetration testing. In this segment, we’ll talk about the right reasons to have a penetration test performed, the impact (for better or worse) of the PCI requirement for annual penetration testing, and how to get the most out of your penetration testing results. Visit https://www.securityweekly.com/scw for all the latest episodes!
Penetration Testing Roundtable, PSW #500 – https://youtu.be/h6cMojWO8qs
The State of Penetration Testing Panel, PSW #677 – https://youtu.be/mYzZoUXz7a4
Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!