Pen testing

The State of Penetration Testing – PSW #631

December 23, 2019

Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well.

- What has changed in the past year with regards to penetration testing?
- What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs?
- How has the increased popularity of breach and attack simulation tools impacted penetration testing?
- Has the MITRE attack framework impacted penetration testing? If so, how?
- Many advanced penetration testers seem to be keeping their tools private as to avoid detection by endpoint security products. Is this happening, and if so what is the impact? Should we share more? Less?
- With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor's Page

The State of Penetration Testing

Hosts

[caption id="attachment_210" align="alignleft" width="120"]Jason Albuquerque Jason Albuquerque - CIO & CSO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Jeff Man Jeff Man - Sr. InfoSec Consultant[/caption] [caption id="attachment_210" align="alignleft" width="120"]Joff Thyer Joff Thyer - Security Analyst[/caption] [caption id="attachment_210" align="alignleft" width="120"]Larry Pesce Larry Pesce - Senior Managing Consultant and Director of Research[/caption] [caption id="attachment_210" align="alignleft" width="120"]Patrick Laverty Patrick Laverty - Security Consultant[/caption] [caption id="attachment_210" align="alignleft" width="120"]Paul Asadoorian Paul Asadoorian - Founder & CTO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Tyler Robinson Tyler Robinson - Managing Director of Network Operations[/caption]

Guests

[caption id="attachment_210" align="alignleft" width="120"]Christopher Hadnagy Christopher Hadnagy - Chief Human Hacker[/caption] [caption id="attachment_210" align="alignleft" width="120"]David Kennedy David Kennedy - Co-Founder/CTO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Ed Skoudis Ed Skoudis - Faculty Fellow[/caption] [caption id="attachment_210" align="alignleft" width="120"]Joe Gray Joe Gray - Senior OSINT Specialist[/caption] [caption id="attachment_210" align="alignleft" width="120"]Tom Liston Tom Liston - Lead Instructor[/caption] [caption id="attachment_210" align="alignleft" width="120"]Ira Winkler Ira Winkler - Lead Security Principal[/caption]

[audio src="http://traffic.libsyn.com/sw-all/PSW_631_-_Penetration_Testing_correct-0_converted.mp3"]

prestitial ad