Hi [[ session.user.profile.firstName ]]
Sort by:
    • The APT Battle - Can Pen Tests Really Help?
      The APT Battle - Can Pen Tests Really Help? Vivek Chudgar, Director of Security Consulting Services (APJ), Mandiant Recorded: Jun 12 2014 5:00 am UTC 48 mins
    • Today, it’s hard to find an organization that operates without pen tests. Thanks to heightened awareness among management and growing adoption of compliance standards such as PCI DSS, pen tests are on every CISO’s to-do list.

      Multiple varieties of pen tests have emerged and many organizations have a detailed plan to perform these tests every year. Yet, 95% of the organisations were found to be breached with clear evidence of advanced attackers controlling their internal systems. While penetration tests attempt to answer the question, “Can our controls be breached?”, the more critical question is “Am I aware of any existing breach?”

      In the new threat landscape, where attackers employed advanced means to bypass controls and got in without being noticed, just how pen tests are standing up to the challenge? How would one determine if these annual penetration tests are really providing value?

      Vivek Chudgar takes this on in our live webinar. He will examine the role of pen testings in an organization, and how the new threat landscape has changed the function of these testings. He will also discuss other new approaches to help organizations be assured of their secure status.

      Read more >
    • Windows IT Pro: Pen Testing Your AD
      Windows IT Pro: Pen Testing Your AD Nick Cavalancia from Windows IT Pro with Allen Brokken from Ascent and Russell Rice Recorded: May 26 2017 4:20 pm UTC 60 mins
    • The reality of external attacks today is simple: Attackers have made it their business to know more about the networking environment you work in every day than you do – and they’ll use that knowledge to systematically gain entrance, and laterally move within your network. At the core of their attacks is Active Directory – the ultimate repository of credentials that, if compromised, gives them the keys to the kingdom.

      So how can you leverage the same detail hackers exploit to “pen test” your AD?

      View this webinar to learn:

      - How and why AD is a primary focus for attacks

      - Detailed ways attackers seek access to AD

      - What parts of your Windows and AD environment need regular pen testing to ensure you’re secure

      - The threat model analysis of AD based on STRIDE

      - Security characteristics of the SkySecure appliance that defeat pen testing

      Read more >
    • TechGenix: Will Your AD Environment Survive a Pen Test
      TechGenix: Will Your AD Environment Survive a Pen Test Allen Brokken from Ascent Solutions and Sheridan Murphy Recorded: Jun 21 2017 4:55 pm UTC 51 mins
    • The reality of external attacks today is simple - attacker have made it their business to know more about the networking environment you work in every day than you do - and they'll use that knowledge to systematically gain entrance and literally move within your network.

      At the core of their attacks is Active Directory - the ultimate repository of credentials that, if compromised, give them the keys to your kingdom.

      So how can you leverage the same detail hackers exploit to "pen test" your AD? In this insightful webinar, join industry experts Allen Brokken and Sheridan Murphy as they discuss what you need to know about keeping your AD secure, including:

      · How and why AD is a primary focus for attacks

      · Detailed ways attackers seek access to AD

      · What parts of the Windows and AD environments require regular penetration testing to ensure security

      · The threat model analysis of AD based on STRIDE

      Read more >
    • What Every CFO, GC and CCO Needs to Know About "Pen Testing" & Risk Assessments
      What Every CFO, GC and CCO Needs to Know About "Pen Testing" & Risk Assessments John Reed Stark, Joe Segreti Recorded: Feb 4 2016 6:00 pm UTC 68 mins
    • In addition to becoming a compliance prerequisite, so-called “penetration testing” and “risk and security assessments” also create added opportunities to:

      •determine where cybersecurity vulnerabilities lie;
      •remediate issues;
      •improve processes; and
      •beef-up enterprise security posture.

      The emerging penetration testing marketplace, however, is a chaotic morass, with a mishmash of consultant jargon painting varying doomsday scenarios and pitching uniquely branded panaceas.

      This webcast walks GCs, CFOs and CCOs through the “pen testing” maze, providing key insights on how to engage the right blend of capable, trustworthy and innovative cybersecurity professionals.

      Read more >
    • The Honeymoon’s Over: Living with Your Application Pen Test Results
      The Honeymoon’s Over: Living with Your Application Pen Test Results Charles Henderson, Director Application Security Services; Ryan Barnett, Lead Security Researcher SpiderLabs at Trustwave Recorded: Nov 15 2012 4:00 pm UTC 52 mins
    • Like everyone else, you know that application penetration tests are a critical part of any reasonable security program. So you setup a bake-off and find a qualified security company to test your applications. Things are going well and you start to see results show up in the reporting portal (or, if it’s still 2005, you get PDF reports).

      But identifying vulnerabilities is only half the battle. Once you know where your problems are, what do you do next? Schedule fixes for the next code deployment? Create virtual patches? What about long-term solutions?

      Find out what you can expect from an application penetration test, and what to do with the results in this hour-long session led by Trustwave SpiderLabs experts Charles Henderson, Director of Application Security Services, and Ryan Barnett, Lead Security Researcher.

      You’ll gain insight into:
      •Common and serious vulnerabilities uncovered by testing
      •Immediate tactical responses to remediation
      •Long-term strategic initiatives to improve application security

      You’ll walk away with actionable information on how to take full advantage of an application penetration test to strengthen application security throughout your organization.

      Read more >
    • Train as You Fight: The Value of Threat Simulations vs. Pen Testing
      Train as You Fight: The Value of Threat Simulations vs. Pen Testing Ryan Linn, Director of Advanced Tactics and Countermeasures Recorded: Apr 12 2016 6:00 pm UTC 59 mins
    • Tools and policy frameworks are only as good as the people who implement and support them. Automated mechanisms can only go so far before they rely on human intelligence to drive the appropriate reaction. The controls required by security frameworks and the data they generate, however, are overwhelming, and finding the right security talent can feel impossible.

      Organizations often choose to prioritize the implementation of their security program components on the basis of risk. By identifying potential impacts and attack vectors, it’s easier to identify the controls that produce the biggest return on investment. Training your staff to understand what they see when they see it, and how to respond proactively, will help you build a security organization that is resilient in the face of evolving threats and identify any controls gaps you have while you execute your security roadmap.
      This webinar will talk about how organizations can evolve beyond the compliance checklist and overwhelming scanner results by employing threat simulations. We will discuss how threat simulations differ from penetration testing, how they can be used to help make your organization stronger, and how they can replace traditional penetration testing as part of a security program.

      We will focus on a discussion of attack chains, mapping methodologies to real world threats, and then look at a sample attack to see how a nominally compliant system can still be compromised.

      Read more >