SCW #56 | SC Media
Pen testing, SOC

SCW #56

December 15, 2020

The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we’re going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching “PCI” context to this discussion. Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

Pen Testing, Part 1 w/ Dmitry Zagadsky

Dmitry’s Bsides Boston talk, “Don’t End Up With a Pencil: Tips for Shopping Pen Tests” – https://youtu.be/Wr4UxdUa2aI

Jeff’s talk, “Do We Still Need Pen Testing?” from CircleCityCon 2015 – https://youtu.be/R13Bo8l9M5M

NIST SP800-115, “Technical Guide to Information Security Testing and Assessment” – https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf

The Penetration Testing Execution Standard (PTES) – http://www.pentest-standard.org/index.php/Main_Page

PCI Security Standards Council’s Penetration Testing Guidance – https://www.pcisecuritystandards.org/documents/Penetration-Testing-Guidance-v1_1.pdf?agreement=true

Hosts

Jeff Man – Sr. InfoSec Consultant

Josh Marpet – COO

Liam Downward – CEO

Scott Lyons – CEO

Guests

Dmitry Zagadsky – AVP IT Security

We’ll continue our discussion of penetration testing. In this segment, we’ll talk about the right reasons to have a penetration test performed, the impact (for better or worse) of the PCI requirement for annual penetration testing, and how to get the most out of your penetration testing results. Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

Pen Testing, Part 2 w/ Dmitry Zagadsky

Penetration Testing Roundtable, PSW #500 – https://youtu.be/h6cMojWO8qs

The State of Penetration Testing Panel, PSW #677 – https://youtu.be/mYzZoUXz7a4

Hosts

Jeff Man – Sr. InfoSec Consultant

Josh Marpet – COO

Liam Downward – CEO

Scott Lyons – CEO

Guests

Dmitry Zagadsky – AVP IT Security

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
