Hi [[ session.user.profile.firstName ]]

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

True Stories of Real Pen Tests - Featuring demos of complex hacks and how business systems can be used against an organization.

Earth vs. the Giant Spider: Amazingly True Stories of Real Pen-Tests brings the audience the most massive collection of weird, downright freaky, and altogether unlikely hacks ever seen in the wild. Through stories and demonstrations, we will take the audience into a bizarre world where odd business logic flaws get you almost free food (including home shipping), sourcing traffic from port 0 allows ownership of the finances a nation, and security systems are used to hack organizations.

This talk will focus on:
•Complex hacks found in real environments
•Showing effective attacks not found with automated methods
•Types of victim organizations and data accessed

By the end of this presentation we hope to have the audience thinking differently about systems and applications that organizations use every day, and how they may be used against them.
Recorded May 22 2012 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Rob Havelt, Director of Penetration Testing at Trustwave SpiderLabs
Presentation preview: Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Insider Insights: PCI Europe Community Meeting Preview Oct 5 2016 1:00 pm UTC 60 mins
    Alexander Norell, Director of Global Risk and Compliance Services at Trustwave
    Join Alexander Norell, Director of Global Risk and Compliance Services at Trustwave, as he shares his insider view of what you can expect at the upcoming 2016 Payment Card Industry Security Standards Council (PCI SSC) Europe Community Meeting in October.

    Alexander’s findings will be based on what he learns from his attendance at the North America Community Meeting and his insight as a subject matter expert on PCI compliance.

    During the webinar, Alexander will:

    • Alert you to trending topics and their implications
    • Share takeaways from participants as well as SSC leaders
    • Analyse the impact to the European community
  • Security Testing Report: Analyzing the Top Trends and Practices Sep 28 2016 4:00 pm UTC 60 mins
    Michael Osterman, President of Osterman Research, Inc., and Kevin Overcash, Director of SpiderLabs North America at Trustwave
    One in five businesses don’t test for security vulnerabilities. A recent study by Osterman Research found that many businesses fail to conduct frequent security testing despite believing that it’s critically important to securing their systems and data.

    In this presentation Michael Osterman, President of Osterman Research, Inc., will discuss key findings from the “Security Testing Practices and Priorities: An Osterman Research Survey Report”, including:

    •Common types of security issues experienced in the past 12 months.
    •The extent to which organizations take a proactive approach to security testing.
    •Types of security testing conducted during the past 6 months.
    •How often organizations conduct detailed review of security tests.
    •Challenges faced by organizations in the context of security testing.
  • Entendiendo los Cambios de PCI DSS 3.2 Recorded: Aug 30 2016 55 mins
    Miguel Arévalo, Managing Consultant y Diana Elizabeth Rodriguez Sanchez, LAC Sales Manager
    La versión 3.2 del PCI DSS (Payment Card Industry Data Security Standard) ha sido anunciada - las organizaciones que deben cumplir precisan entender los cambios y sus implicaciones. Participe de nuestro webinar para entender más sobre por qué fue lanzado tan rápido y cómo puedes parar mejor a tu organización.

    Aprenda sobre:
    • El alcance de la nueva versión PCI DSS 3.2
    • ¿Qué significa para su negocio?
    • ¿Por qué deberías implementar los cambios, aunque no sean mandatorios?
    • ¿Qué puede venir en el futuro próximo?
  • Modern Cybercrime: Staying Ahead of the Perfect Storm Recorded: Jul 20 2016 63 mins
    Brian Hussey, Global Director of Incident Response & Readiness and John Ramsey, Senior Product Marketing Manager
    Trustwave offers advice for those looking to take back control of their cyber destinies. Cybercrime has become a world-wide epidemic as organized crime syndicates are literally making money hand over fist in extorting businesses or otherwise stealing valuable data and company assets. Combined with a global shortage of trained security professionals and you literally have "The Perfect Storm" of cybercriminal activity.

    Join Trustwave SpiderLabs cybersecurity expert, Brian Hussey, as he discusses how you can get ahead of today’s cybercrime ‘super storm’ with some simple steps and key solutions. The more you know the better equipped you are to detect and prevent cybercrime - and ultimately protect your business. Join our webinar to help:

    -Understand who is targeting you.
    -Get a handle on just how they are doing it.
    -Learn some key tactics and solutions to combat today’s modern cybercriminal.
  • Nova versão PCI - mudanças e clarificações da norma Recorded: Jul 19 2016 63 mins
    José Roberto Giunti Lama, Managing Consultant and Isabel Silva, Business Development Director
    A versão 3.2 do PCI DSS (Payment Card Industry Data Security Standard) já foi anunciada – as organizações precisam entender as mudanças e suas implicações. Participe para aprender mais sobre o porquê foi lançado tão rápido e como você pode preparar a sua organização.

    Participe deste webinário para aprender sobre:
    • O escopo na nova versão PCI DSS 3.2
    • Que significa para o seu negócio?
    • Porque você deveria implementar essas mudanças, mesmo que não forem mandatórías?
    • O que pode vir no futuro próximo?
  • 6 Ways to Put "Secure" Back in Secure Web Gateways Recorded: Jul 14 2016 63 mins
    Chris Harget, Senior Product Marketing Manager at Trustwave and Stephen Brunetto, Director of Product Management at Trustwave
    More malware today is machine-generated and one-off. With advanced malware also employing obfuscation and anti-sandboxing techniques, just how "secure" are secure web gateways? The reality is - many are just not that secure anymore. Based on 2015 breach investigations, Trustwave found that 42% of malware used encryption, underscoring the importance of having an advanced secure web gateway with the capability to inspect encrypted content.

    Join our webinar where we will cover practical steps nearly any organization can take to optimize protection and policy control for your web users. We will be discussing real-world ideas on how to:
    -Ensure real-time blocking of encrypted new malware.
    -Easily keep policy optimized.
    -Virtually patch web browsers, and more.
  • ¿Cómo aliviar sus Presiones de Seguridad? Recorded: Jun 28 2016 62 mins
    Mario Cinco, Sales Engineering Director and Gabriel Sanders, Vice President Sales Latin America
    Las presiones de seguridad continúan aumentando – hoy más que nunca. Sabemos que probablemente usted esté bajo estrés, no satisfecho, y bajo ataques. Trustwave encuesto a 1.414 profesionales de seguridad informática para entender los factores emocionales que contribuyen a sus dolores de cabeza y desafíos. Súmate a aprender como aliviar esos puntos de dolor y escaparle a la presión.

    Durante este webinar compartiremos resultados del 2016 Security Pressures Report e incluiremos:
    • ¿Los profesionales de seguridad sienten que tienen suficientes habilidades y personal?
    • ¿Cómo han cambiado año a año las presiones de seguridad en general?
    • ¿Cuáles son algunas recomendaciones prácticas que puedes implementar en tu organización para reducir la presión?
  • Web Application Security: Developing an Effective, Efficient, Economical Program Recorded: Jun 8 2016 51 mins
    Victor Bonic, Global Security Architect at Trustwave
    Web application security differs significantly from other information security disciplines. In addition to encompassing other security disciplines such as encryption, authentication, network and operating system security, it requires specialized knowledge of web applications and coding techniques. Due to its abstract and multifaceted nature, it understandably may elude the grasp of executive management (“but we have a firewall . . .”) and, as a result, find itself at the bottom of the security budget totem pole.

    In this presentation we will discuss the role that application security plays within enterprise security and points to evaluate when developing an effective and efficient web application security program that meets your considerations. Join this webinar to learn more about:

    •The current state of web application security and its relationship to enterprise security.
    •Why web application security is more complex than other security disciplines.
    •The tasks that need to be performed in application security.
    •The different methods of web application testing and mitigation.
    •Available implementation options based on the in-house resource and budget constraints.

    We will conclude the session with a discussion of a web application security methodology that will utilize the specialized skills of different members of your IT organization.
  • Understanding PCI DSS 3.2: Minor Updates, Major Changes Recorded: May 25 2016 60 mins
    J. Andrew Brinkhorst, CISM, Director of Product Management at Trustwave, and Dixie Fisher, Product Marketing Manager
    Payment Card Industry Data Security Standard (PCI DSS) 3.2 has now been announced - organizations who must comply need to understand the implications. Join us to learn more about the drivers for the early release of the mandate and how you can best prepare your organization.

    Attend this webinar for helpful insights about:

    -The scope of the new PCI DSS 3.2
    -What the updates mean for your business?
    -Why you would want to make these changes even if they weren’t mandated?
    -What may be on the horizon?
  • Understand Cybercrime Trends and Tactics to Defend Against Them Recorded: May 18 2016 50 mins
    Lawrence Munro, Director of SpiderLabs EMEA and APAC at Trustwave
    The 2016 Trustwave Global Security Report has just been released. The report offers a glimpse into the secret world of cybercrime organizations and details methods used to maximize profits from malicious attacks. The report also highlights how adaptable, creative and relentless cybercriminals are when it comes to getting access to the information they want.

    Join this webinar as we highlight our major findings and offer you a chance to:
    • Learn how cybercriminals changed tactics in 2015 and started targeting a greater variety of data.
    • Hear an in-depth analysis of the top cybercrime, data breach and security threat trends from 2015.
    • Get key insights on how to best defend your business assets amidst the evolving threat landscape and varying tactics of cybercriminals.
  • Understand Cybercrime Trends and Tactics to Defend Against Them Recorded: May 10 2016 59 mins
    John Randall, Director of Product Marketing at Trustwave
    The 2016 Trustwave Global Security Report has just been released. The report offers a glimpse into the secret world of cybercrime organizations and details methods used to maximize profits from malicious attacks. The report also highlights how adaptable, creative and relentless cybercriminals are when it comes to getting access to the information they want.

    Join this webinar as we highlight our major findings and offer you a chance to:
    • Learn how cybercriminals changed tactics in 2015 and started targeting a greater variety of data.
    • Hear an in-depth analysis of the top cybercrime, data breach and security threat trends from 2015.
    • Get key insights on how to best defend your business assets amidst the evolving threat landscape and varying tactics of cybercriminals.
  • How to Pacify Your Security Pressures Recorded: Apr 6 2016 62 mins
    Dan Kaplan, Editor at Trustwave, and John Ramsey, Strategic Partner Marketing Manager at Trustwave
    Security pressures are mounting - and there are more of them than ever before. We know you're under stress, understaffed, and likely, already under attack. Trustwave surveyed 1,414 information security professionals to understand the emotional factors that contribute to a security professional’s headaches and hardships. Join us to learn how to alleviate these pain points and escape the pressure.

    During this webinar we will break down the findings of the 2016 Security Pressures Report from Trustwave, including:

    • Do security pros feel they have enough skills and personnel?
    • How have overall security pressures changed year over year?
    • What are some practical recommendations you can implement in your organization to reduce the pressure?
  • Ask the Analyst: Breach Planning and Preparedness Recorded: Jan 27 2016 60 mins
    Eric Ogren, 451 Analyst; Brian Hussey, Trustwave SpiderLabs Global Director
    It is always a good idea to be prepared. A quick and efficient response to an attack on your network can save an untold amount of time, money and staff hours. Even more, in today’s risk environment you need to know what tools to have in place to flag potential indicators of a compromise, have a response team on the ready and have a digital evidence trail for legal protection.
    Join us for an interactive discussion with guest speaker, 451 Research Senior Analyst, Eric Ogren and Trustwave SpiderLabs Global Director of Incident Response and Digital Forensics, Brian Hussey, to learn more about what you should do before, during and after a breach. Help drive the conversation by submitting a question for Eric and Brian in advance so we can tackle your biggest security concerns such as:
    • What is the likelihood of getting breached?
    • Best practices around building an IR plan
    • If you’ve been breached, what is the first thing you should do?
  • The Security Survival Guide for Growing Businesses Recorded: Jan 13 2016 61 mins
    Chris Harget, Trustwave Senior Product Marketing Manager
    Join Trustwave for a deeper look at the topics highlighted in our new e-book, The Security Survival Guide for Growing Businesses. To help you navigate the many challenges around information security, we will focus on some key questions including:

    • Is your security growing with your business?
    • Do you have a viable plan to handle the 3 biggest security challenges facing growing businesses?
    • Where should you begin?

    In this interactive session, find out what your peers are most concerned with, how they prioritize, and what works best for reducing risk. We will feature a couple of real world examples of breach incidents, discuss how the breaches occurred and simple steps you can take to prevent your business from becoming the next victim.
  • Securing databases like a boss: Five winning moves Recorded: Nov 11 2015 56 mins
    Oliver Pinson-Roxburgh, EMEA Systems Engineering Manager at Trustwave
    As breaches of the network perimeter become more common, organisations that safeguard data where it lives - in the database - will prevail. Data stores are an enticing target for cybercriminals. This is only amplified by the common misconception many organisations have that their database assets - whether they are on premise, in a datacenter or in the cloud - are secure.

    So, where do you start? What can you do right now to secure your databases with authority and finesse?

    Join this webinar and learn:
    • The top five threats to database security
    • How a real-life database attack unfolds
    • The five quickest, highest-impact actions you can take right now to harden your databases

    BONUS: Attendees may be eligible for a 6-month database security assessment tool license at no cost.
  • Securing databases like a boss: Five winning moves Recorded: Oct 14 2015 55 mins
    Sam Bakken, Product Marketing Mgr, Mark Trinidad, Sr. Product Mgr, and Martin Rakhmanov, Sr. Security Researcher
    As breaches of the network perimeter become more common, organizations that safeguard data where it lives - in the database - will prevail. Data stores are an enticing target for cybercriminals. This is only amplified by the common misconception many organizations have that their database assets - whether they are on premise, in a datacenter or in the cloud - are secure.

    So, where do you start? What can you do right now to secure your databases with authority and finesse?

    Join this webinar and learn:
    • The top five threats to database security
    • How a real-life database attack unfolds with Trustwave SpiderLabs Senior Security Researcher, Martin Rakhmanov
    • The five quickest, highest-impact actions you can take right now to harden your databases

    BONUS: Attendees may be eligible for a 6-month database security assessment tool license at no cost.
  • The Wild Wild West of Secure Mobility: How to Holster Up & Win in a Lawless Land Recorded: Sep 16 2015 53 mins
    Dixie Fisher, Product Marketing Manager at Trustwave and Jon Marler, Product Manager at Trustwave
    With smartphones and tablets rapidly replacing desktop computers and wearables and Internet of Things connectivity merging in to the expanding mobile landscape, it’s critical that the scope of your security practices move beyond BYOD and the confines of your corporate network. Tune in to our webinar, “The Wild Wild West of Secure Mobility: How to Holster Up & Win in a Lawless Land,” for new perspectives about protecting your mobile business as you venture ahead.

    During this webinar you will learn about:
    • Today’s mobility landscape
    • Tips for keeping the bad guys out
    • New frontiers: Cost-effective solutions for today and tomorrow
  • 7 Secrets to Defending Against New Advanced Threats on a Budget Recorded: Aug 26 2015 57 mins
    Chris Harget, Senior Product Marketing Manager at Trustwave
    Advanced threat techniques are available for purchase by cybercriminals who now target companies of all sizes for quick cash at high ROI. If you don’t have an army of IT security specialists and an unlimited IT budget, you’re probably feeling overwhelmed by the always-changing threat.
    Join us for an informative webinar, “7 Secrets to Defending Against New Advanced Threats on a Budget.”

    During this webinar you will learn the:
    •Business dynamics accelerating advanced threat use by criminals
    •Critical choke points that almost all advanced threats have to go through to succeed
    •Tips for the most cost-effective and achievable ways to stop advanced threats today and tomorrow
  • Dangers to Web App Security: 4 Ways to Control Complexity and Cost Recorded: Aug 5 2015 59 mins
    Victor Bonic, Global Security Architect, and Thomas Savage, Product Marketing Manager
    Web application security is threatened not just by hackers but also by the complexity (and related cost) of keeping up with security challenges. Due to the ever-increasing strategic and financial importance of e-commerce and other web services, web application security is of paramount importance for nearly every organization. The difficulties of web application security are compounded by the growing complexity of web applications, the nearly constant changes in site content and the increasing sophistication of web application attacks. Add in migration to cloud-based and hosted environments and the cost of application security can start to become unmanageable.

    Join this webinar as Trustwave discusses 4 approaches to reduce cost and complexity. Trustwave has helped hundreds of organizations adopt these approaches and secure their web applications with a solution offering advanced capabilities (continuous learning mode, bi-directional analysis, etc.), flexible architecture, and multiple delivery options to simplify your operations.
  • The Internet of Things revolution-what lurks in the shadows? Recorded: Jul 22 2015 43 mins
    Sam Bakken, Product Marketing Manager at Trustwave
    Beyond the novelty, the Internet of Things (IoT) will improve our standard of living and revolutionize industry—but at what cost to security and privacy?

    In an ideal world, manufacturers and providers of IoT products and services take responsibility for protecting their users. But, at present, businesses adopting the technology and consumers inviting it into their homes need to take precautions.

    Join us for a primer on deploying IoT technology safely in your home or business and discover:

    • How the IoT will transform business
    • Risks in both consumer and business/industrial use cases
    • Five crucial security and privacy considerations.
Smart security on demand
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than 2.7 million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective data protection, risk management and threat intelligence. Trustwave is a privately held company, headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests
  • Live at: May 22 2012 4:00 pm
  • Presented by: Rob Havelt, Director of Penetration Testing at Trustwave SpiderLabs
  • From:
Your email has been sent.
or close