Hi [[ session.user.profile.firstName ]]

Zen and the Art of Maintaining an Internal Penetration Testing

Penetration testing is the most realistic way to proactively assess your organization’s security posture, but rolling out an internal testing program sometimes presents unique challenges. However, by planning wisely and using the right tools, you can successfully integrate penetration testing into your ongoing vulnerability management program and discover the benefits of seeing your infrastructure as attackers do.

Please join Core Security and Paul Asadoorian, senior network security engineer for OSHEAN and founder of PaulDotCom Security Weekly, for a live webcast: “Zen and the Art of Maintaining an Internal Penetration Testing Program.”

During the webcast, you’ll learn:

* How to determine if internal penetration testing is right for your organization
* What questions you should ask when planning a pen testing initiative
* How you can best pitch testing to other departments and gain permission from management
* What types of tests to run and how to address the process of dealing with compromised devices
* Which tips and tricks can help you carry out faster, more effective testing

Whether you’re considering rolling out an internal penetration testing program or need a refresher of best practices for your current testing initiatives, this webcast is sure to be time well-spent.
Recorded Jul 16 2009 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Paul Asadoorian | PaulDotCom Security Weekly
Presentation preview: Zen and the Art of Maintaining an Internal Penetration Testing

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The 2017 Threatscape Dec 6 2016 2:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    The pace and scale of information security threats continues to accelerate, endangering the integrity of trusted organisations. Although cyberspace offers opportunities for leading organisations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organisations are forced to continually adapt and rapidly respond.

    In this webinar, Steve Durbin Managing Director at the ISF, will discuss the rapidly changing threat landscape, identify the key cyber challenges for 2017 and suggest ways of managing the associated risks.
  • Nivdort: A long lasting threat with a big bag of tricks Nov 8 2016 4:00 pm UTC 45 mins
    Tiago Pereira – Threat Intel Researcher, at AnubisNetworks
    Nivdort is a malware family that has been around for several years. Over these years it has been subject to several improvements and, as a result, today it is a very interesting piece of malware with an uncommonly large number of features that has steadily keeps a few botnets running with a high number of infections.

    Join us on this webinar to learn more about the Nivdort family and some of its extensive list of tricks (e.g. DGA, P2P, information stealing, email spam, instant messaging spam, bitcoin mining), and about its worldwide infection distribution.
  • The Data Breach War: How banks can step up their line of defence Oct 19 2016 4:00 pm UTC 60 mins
    JP Vergne (Scotiabank Lab, Ivey B-School), Nik Walser (EY), Mario Maawad (CaixaBank), Lawrence Chin (Palo Alto Networks)
    As holders of valuable client and financial data, banks have been prime targets for hackers and thieves. Entire payment systems can be compromised in the blink of an eye and clients also risk having their identities stolen.

    Join this panel session where our experts will discuss:

    -Best practices for preventing cyberattacks at every stage
    -Top mistakes banks and financial institutions make when dealing with valuable data
    -What makes you a target?
    -Using real-time analytics to identify anomalies and act on them immediately
    -Malware, threat prevention, next-generation security — what are they, what do you need to know?
  • One Step Ahead of Phishing Attacks Oct 12 2016 5:00 pm UTC 60 mins
    Greg Maudsley, Senior Director Product Marketing, Menlo Security
    Phishing is serious business. It is the most common targeted method of cyber attacks, and the main perpetrators for phishing attacks are organized crime syndicates and state-affiliated actors.* Despite multiple security defense layers and many hours and dollars spent on end-user training, phishing continues to create headaches for security administrators.

    Join this webinar to learn:

    · New phishing prevention techniques

    · How to stop ransomware, malware and drive-by-exploits enabled by email phishing

    · Updated security research findings

    · Real-life case studies for using isolation techniques to prevent phishing attacks
    Speaker Bio:
    Greg Maudsley has over 15 years of IT security experience and is responsible for strategy development and threat isolation innovations at Menlo Security. Previously, Maudsley was a product marketing leader for F5 and Juniper Networks' Junos Pulse Business Unit. His responsibilities spanned the security spectrum, including application security, anti-fraud, cloud security, DDoS prevention, DNS sec, secure access, NAC, mobile security, application delivery and WAN Optimization. Maudsley holds an MBA from Santa Clara University Leavey School of Business, and a B.S. in Physics from the University of Redlands.
  • The Magic Bullet: How Social Engineering is the Key Oct 12 2016 1:00 pm UTC 45 mins
    Jenny Radcliffe, Head Trainer, Jenny Radcliffe Training
    The human side of security is beginning to be acknowledged as at least as important as the technical side in terms of awareness and training programs for most organisations.

    In this webinar, Social Engineer and Trainer Jenny Radcliffe shares some advice as to what happens beyond acknowledging the threat, what, if anything, can an organisation do to turn Social Engineering to its advantage? Is there really a "magic bullet" that can engage staff, change security culture and contribute to a more secure organisation?
  • Solving the dilemma of securing private data in the cloud Oct 12 2016 10:00 am UTC 45 mins
    Sunil Choudrie, Global Solutions Marketing Mngr - Symantec & Robert Arandjelovic, Security Strategy Director EMEA - Bluecoat
    The cloud allows open sharing of data, allowing people to access information at home, in the office or on the move. This openness has come at a price, putting security and data privacy at risk.

    Research shows that on average, organisations are aware of less than 10% of all cloud applications used by their staff, providing a massive blind spot. If you don’t know where your sensitive data is, how do you secure it? In this 45 minute webinar we will outline the Symantec three-part framework for managing the Information Protection lifecycle and show how this applies to securing the cloud. The webinar will address:
    · The opportunities and risks of moving data to the cloud
    · Security and privacy implications
    · The Symantec three-part framework
    o How to ensure only trusted users and devices can access data
    o How to classify and discover sensitive data, and gain full visibility into the cloud
    o How to protect data through the application of encryption technology
    · Future direction and recommendations

    So if you are struggling with the dilemma of providing open access to sensitive data, register for this webinar today.
  • Understanding the Risks from DDoS Attacks Oct 11 2016 3:00 pm UTC 45 mins
    Rohit Kinra, Director - Product Technology, Verisign
    Recent DDoS attacks trends indicate that DDoS attacks are becoming more sophisticated and persistent. What do these DDoS trends mean for your organization, especially during the upcoming holiday season?
    Join Rohit Kinra, Director, Product Technology, Verisign, as he discusses the behavioral shifts observed by Verisign in recent DDoS attacks and what should concern you. Rohit will also share recommendations on how your organization can prepare and defend against DDoS attacks.
  • Privacy vs. Security Oct 11 2016 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    In May 2018 the EU’s General Data Protection Regulation (GDPR) will take effect. The GDPR upholds the protection of personal data and increases the accountability of organisations processing any personal details belonging to EU citizens- with severe penalties for those who do not comply.

    In this webinar Steve Durbin, Managing Director at the ISF, discusses why it is important for the security and data privacy teams to work together to run risk assessments on their most critical information assets and to develop checklists, policies and procedures that can be implemented internally and with third party suppliers. Only by taking this approach will organisations be able to remain agile, maintain customer confidence and demonstrate that they are ‘GDPR ready.’
  • The role of Threat Intelligence Feeds in the Battle Against Evolving Cybercrime Oct 11 2016 2:00 am UTC 45 mins
    Nahim Fazal, Head of Cybersecurity Development at ‎Blueliv
    Today, advanced cyber threats form part of the risk landscape we encounter every day in our increasingly digital lives. Cybercrime is known for its complex, chameleon characteristics – it’s a highly lucrative industry with fast-paced innovation at its core. The evolution of cybercriminal techniques enables it to thrive, and we need to sprint to keep up. Organizations must respond with security solutions nimble enough to compete with the bad guys. Sounds like a job for MRTI, and we think we’ve got just the ticket.

    This webinar intends to be an educational piece for any Security team in need of having a better understanding of the value provided by Threat Intelligence feed in order to complement traditional security real estate. This is not intended for those who already have a strong expertise and understanding of the fundamentals of threat intelligence delivered via a feed.
  • Cyber Crime – Why Are You a Target Oct 4 2016 2:00 pm UTC 60 mins
    Richard Cassidy, UK Cyber Security Evangelist
    According to cyber security experts, the frequency and severity of cyber attacks are on the rise, causing alarm to businesses and customers across a variety of industries. Taking a proactive, strategic approach to evaluating your cyber security strategy is critical, it starts with understanding who your organisations adversaries are and what the impact would be on your business if you were the victim of a cyber attack.

    Register for this impactful webinar presented by Richard Cassidy, UK Cyber Security Evangelist at Alert Logic as he examines the latest methods and exploits used by cyber criminals providing an overview of the most current ways they target businesses. You’ll get an insight on how the most sophisticated attackers choose their targets, what they are looking for, and how they extract valuable data.

    In this webinar, we will take a look at:
    • The ever-changing threat landscape, and how it affects your business
    • Tactics, techniques and procedures (TTPs) used by cyber criminal actors
    • Strategies and tools for mitigating the risk of cyber attack
    • Insight into Real-life case studies
  • LIVE Interactive Q&A: Steve Durbin on the Yahoo Data Breach Recorded: Sep 30 2016 49 mins
    Steve Durbin, Managing Director, ISF Ltd
    Last week Yahoo was hit with the biggest data breach of all time; with an estimated 500 million customer accounts compromised by hackers. The attack will have significant rippling effects on consumer trust, data protection standards and information security practices. The legal battle is now also only just beginning, with two key cases being heard in California, as Yahoo is sued for data-protection negligence.

    But what will does all this mean to your business? Do you feel compromised professionally or personally? Were key mistakes made that you can avoid? How can you best prepare (in terms of incident response) to such a breach? Will the attack have lasting effects or will it disappear into the annuls of history alongside the Ashley Maddison, Target and Linkedin hacks. All these questions and more will be answered live, over webcam by Security expert and Managing Director of the ISF Steve Durbin.

    Tune in, ask your burning questions and join the conversation on BrightTALK.
  • Are you ready for the notification requirements of upcoming EU Legislation? Recorded: Sep 23 2016 49 mins
    Danielle Kriz, Sr Director, Global Policy at Palo Alto Networks and Emily Tabatabai, Privacy Counsel at Orrick
    Doing business in the European Union is changing. By May 2018, companies must comply with the new General Data Protection Regulation’s (GDPR) data breach notification requirements and the Network and Information Security (NIS) Directive’s security incident notification requirements.

    Notification requirements make it imperative to prevent incidents before they happen. To help you prepare for these new requirements, Palo Alto Networks is hosting a webinar with cybersecurity and data privacy lawyers from Orrick Herrington & Sutcliffe to discuss:

    · What are the requirements and the deadlines under each law?
    · What are the thresholds for notification, and who needs to be notified?
    · How should companies prepare for their oncoming obligations? What strategies should be in place? What have other international companies done to prepare and communicate?
    · What might be the legal consequences of non-compliance?
  • State-of-the-Art Security Framework for Breach Prevention Response Strategy Recorded: Sep 22 2016 49 mins
    Gregory Albertyn, Sr Director Cybersecurity & Privacy at PwC, Simon Mullis, Global Technical Lead GSIs at Palo Alto Networks
    Traditional approaches of detecting and remediating threats are becoming increasingly inadequate to effectively manage risk in today’s increasingly regulated, cyber threat landscape.

    Join a live webinar and Q&A to learn how PwC and Palo Alto Networks have formed a strategic partnership to help more customers achieve cyber resilience.

    The webinar will introduce

    •The emerging regulatory landscape that is driving the need for organizations to redesign their incident response and data compliance programs
    •A state-of-the-art security framework that serves as a guide for organizations to assess, develop, and implement a breach prevention security posture.
    •Recommended security architectures, organizational structures, and computing processes that enable breach prevention.
    •Live Q&A with cybersecurity experts from PwC and Palo Alto Networks, for practical insights and real world experiences.
  • Are you secure against threats with cyberinsurance? Recorded: Sep 22 2016 15 mins
    Fred Streefland, Leaseweb Global and Dharminder Debisarun, Palo Alto Networks
    The cynical would suggest that cyber insurance is growing as some look for a cheaper route to manage risk. However many see the cyber insurance industry as potentially the new enforcer of good security practices.

    Palo Alto Networks customer Leaseweb is an organization that recently purchased cyber insurance. We invite you to join us on Thursday September 22 for an interview with Fred Streefland, IT Security Manager at Leaseweb Global. Palo Alto Network’s Dharminder Debisarun interviews him to learn more their decision to purchase cyberinsurance. You will hear what is generally covered and how it can be part of a prevention strategy. There will also be a chance to answer questions at the end of the session.
  • Threat Prevention on Your Terms Recorded: Sep 22 2016 38 mins
    Joerg Sieber, Director, Product Marketing, Palo Alto Networks
    A cloud-based community-driven approach for advanced threat detection and prevention is paramount to successfully combatting attackers. The scale, speed of enhancements, community leverage, and automated prevention that WildFire provides is unparalleled. At the same time, some organizations are concerned about data privacy and protection when dealing with cloud-based threat analysis.

    Palo Alto Networks is proud to introduce the WildFire EU cloud. Customers now have the option to submit unknown files and e-links to the WildFire EU cloud for analysis, where data is fully analyzed without ever leaving European borders. This is of particular interest to companies within the European Union and international organizations looking for localized clouds combined with the power of global cloud threat analytics.

    At this valuable and information webinar we will explore how WildFire EU cloud helps you:

    1. Address data privacy needs – Data analyzed by WildFire EU cloud remains within the boundaries of the EU. This alleviates data transfer concerns shared by some of our customers and addresses the needs of many international organizations.

    2. Leverage global threat intelligence – WildFire EU cloud leverages access to the largest threat analysis tool in the World used by more than 10,000 customers as part of the Palo Alto Networks next generation security platform, providing complete prevention capabilities.

    3. Take advantage of groundbreaking Threat Analytics and Correlation – Security teams can accelerate threat hunting, analytics and response efforts with globally correlated intelligence from the entire WildFire community, made directly accessible through the AutoFocus service.
  • Examining the SWIFT Bank Hack: An In-depth Look at the $81 Million Cyber Attack Recorded: Sep 21 2016 46 mins
    Michael Davis - CTO, CounterTack and Prashant Verma - Sr. Practice Manager, Paladion Networks
    Join CounterTack and Paladion Networks for a live webinar as we walk through the attack that shook banks across the globe. We'll hear from the incident response team at Paladion who supported the investigation, and will discuss:

    · How the criminals gained access to the SWIFT servers
    · The timeline of events that took place
    · A fatal mistake that led investigators to the discovery
    · Takeaways organizations can learn from to prevent similar attacks
  • Threat Prevention on Your Terms Recorded: Sep 21 2016 43 mins
    Joerg Sieber, Director, Product Marketing, Palo Alto Networks
    A cloud-based community-driven approach for advanced threat detection and prevention is paramount to successfully combatting attackers. The scale, speed of enhancements, community leverage, and automated prevention that WildFire provides is unparalleled. At the same time, some organizations are concerned about data privacy and protection when dealing with cloud-based threat analysis.

    Palo Alto Networks is proud to introduce the WildFire EU cloud. Customers now have the option to submit unknown files and e-links to the WildFire EU cloud for analysis, where data is fully analyzed without ever leaving European borders. This is of particular interest to companies within the European Union and international organizations looking for localized clouds combined with the power of global cloud threat analytics.

    At this valuable and information webinar we will explore how WildFire EU cloud helps you:

    1. Address data privacy needs – Data analyzed by WildFire EU cloud remains within the boundaries of the EU. This alleviates data transfer concerns shared by some of our customers and addresses the needs of many international organizations.

    2. Leverage global threat intelligence – WildFire EU cloud leverages access to the largest threat analysis tool in the World used by more than 10,000 customers as part of the Palo Alto Networks next generation security platform, providing complete prevention capabilities.

    3. Take advantage of groundbreaking Threat Analytics and Correlation – Security teams can accelerate threat hunting, analytics and response efforts with globally correlated intelligence from the entire WildFire community, made directly accessible through the AutoFocus service.
  • Accelerating Digital Transformation through next generation security Recorded: Sep 21 2016 44 mins
    Greg Day, Chief Security Officer EMEA at Palo Alto Network
    Digital Transformation is the primary driver of business innovation for the rest of this decade. But security is in danger of being left behind, as mobile, big data and cloud solutions go mainstream. Security is often seen as the blocker to innovation, so businesses avoid talking to security professionals until it’s too late. A disregard for security exposes the business to risk at a time when data protection compliance regimes are tightening. This session shows how organizations can deploy next generation security approaches to accelerate digital transformation while increasing security and reducing risk.
  • Live Panel: Securing in a cloud/hybrid world Recorded: Sep 20 2016 59 mins
    Experts from BT, VMware and Palo Alto Networks
    You are invited to join us for a live panel session on the adoption of the cloud. Industry experts discuss what steps and considerations should be taken when moving to any cloud. Where are the responsibilities of security and how do you maintain visibility and control over your data?

    We invite you to ask questions to our panelist during the live session.
  • Today’s top security risks and how to manage them in the Cloud Recorded: Sep 20 2016 50 mins
    Adam Kobeissi, Product & Services Director,Niu Solutions & Oliver Pinson-Roxburgh, Director of Sales Engineering, Alert Logic
    Managing security when migrating to the Cloud can be a challenge. The threat landscape is continually evolving; it’s no longer enough to just create a secure environment – sustaining your security posture is a full-time job.

    Join our webinar, in conjunction with our security partner Alert Logic, to learn about today’s top security breaches and how you can go about securing against them in the Cloud. We will explore how you can manage your security in the long run with a particular focus on pro-active monitoring and threat management. And will provide you with a valuable checklist to ensure you’re covering every angle when building your security and compliance strategy.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Zen and the Art of Maintaining an Internal Penetration Testing
  • Live at: Jul 16 2009 1:00 pm
  • Presented by: Paul Asadoorian | PaulDotCom Security Weekly
  • From:
Your email has been sent.
or close