Hi [[ session.user.profile.firstName ]]
Sort by:
    • The APT Battle - Can Pen Tests Really Help?
      The APT Battle - Can Pen Tests Really Help? Vivek Chudgar, Director of Security Consulting Services (APJ), Mandiant Recorded: Jun 12 2014 5:00 am UTC 48 mins
    • Today, it’s hard to find an organization that operates without pen tests. Thanks to heightened awareness among management and growing adoption of compliance standards such as PCI DSS, pen tests are on every CISO’s to-do list.

      Multiple varieties of pen tests have emerged and many organizations have a detailed plan to perform these tests every year. Yet, 95% of the organisations were found to be breached with clear evidence of advanced attackers controlling their internal systems. While penetration tests attempt to answer the question, “Can our controls be breached?”, the more critical question is “Am I aware of any existing breach?”

      In the new threat landscape, where attackers employed advanced means to bypass controls and got in without being noticed, just how pen tests are standing up to the challenge? How would one determine if these annual penetration tests are really providing value?

      Vivek Chudgar takes this on in our live webinar. He will examine the role of pen testings in an organization, and how the new threat landscape has changed the function of these testings. He will also discuss other new approaches to help organizations be assured of their secure status.

      Read more >
    • From Self-parking to Self-loathing: Innovation and Risk in Connected Cars
      From Self-parking to Self-loathing: Innovation and Risk in Connected Cars Ken Munro, Partner, Pen Test Partners LLP Upcoming: Jun 22 2017 12:00 pm UTC 45 mins
    • While autonomous driverless cars are still a work-in-progress connected cars and the IoT are becoming the norm. Whether that relates to communications infrastructure, on-board services for vehicle management, or mobile device connectivity, more and more new cars come equipped as standard with some sort of "connected" element. Typically the cost of new technology is in the buying price, but with modern cars it could be insurance hikes, loss of privacy, or even loss of life.

      Ken Munro, Partner and Security Consultant and Pen Test Partners, breaks down the key technologies and examines the security implications for drivers, insurers and manufactures alike.

      Viewers will learn about:
      - The attack surface that a connected car presents
      - What those attacks look like
      - The implications for everyday drivers
      - What manufacturers need to be doing

      Read more >
    • What Every CFO, GC and CCO Needs to Know About "Pen Testing" & Risk Assessments
      What Every CFO, GC and CCO Needs to Know About "Pen Testing" & Risk Assessments John Reed Stark, Joe Segreti Recorded: Feb 4 2016 6:00 pm UTC 68 mins
    • In addition to becoming a compliance prerequisite, so-called “penetration testing” and “risk and security assessments” also create added opportunities to:

      •determine where cybersecurity vulnerabilities lie;
      •remediate issues;
      •improve processes; and
      •beef-up enterprise security posture.

      The emerging penetration testing marketplace, however, is a chaotic morass, with a mishmash of consultant jargon painting varying doomsday scenarios and pitching uniquely branded panaceas.

      This webcast walks GCs, CFOs and CCOs through the “pen testing” maze, providing key insights on how to engage the right blend of capable, trustworthy and innovative cybersecurity professionals.

      Read more >
    • The Honeymoon’s Over: Living with Your Application Pen Test Results
      The Honeymoon’s Over: Living with Your Application Pen Test Results Charles Henderson, Director Application Security Services; Ryan Barnett, Lead Security Researcher SpiderLabs at Trustwave Recorded: Nov 15 2012 4:00 pm UTC 52 mins
    • Like everyone else, you know that application penetration tests are a critical part of any reasonable security program. So you setup a bake-off and find a qualified security company to test your applications. Things are going well and you start to see results show up in the reporting portal (or, if it’s still 2005, you get PDF reports).

      But identifying vulnerabilities is only half the battle. Once you know where your problems are, what do you do next? Schedule fixes for the next code deployment? Create virtual patches? What about long-term solutions?

      Find out what you can expect from an application penetration test, and what to do with the results in this hour-long session led by Trustwave SpiderLabs experts Charles Henderson, Director of Application Security Services, and Ryan Barnett, Lead Security Researcher.

      You’ll gain insight into:
      •Common and serious vulnerabilities uncovered by testing
      •Immediate tactical responses to remediation
      •Long-term strategic initiatives to improve application security

      You’ll walk away with actionable information on how to take full advantage of an application penetration test to strengthen application security throughout your organization.

      Read more >
    • Train as You Fight: The Value of Threat Simulations vs. Pen Testing
      Train as You Fight: The Value of Threat Simulations vs. Pen Testing Ryan Linn, Director of Advanced Tactics and Countermeasures Recorded: Apr 12 2016 6:00 pm UTC 59 mins
    • Tools and policy frameworks are only as good as the people who implement and support them. Automated mechanisms can only go so far before they rely on human intelligence to drive the appropriate reaction. The controls required by security frameworks and the data they generate, however, are overwhelming, and finding the right security talent can feel impossible.

      Organizations often choose to prioritize the implementation of their security program components on the basis of risk. By identifying potential impacts and attack vectors, it’s easier to identify the controls that produce the biggest return on investment. Training your staff to understand what they see when they see it, and how to respond proactively, will help you build a security organization that is resilient in the face of evolving threats and identify any controls gaps you have while you execute your security roadmap.
      This webinar will talk about how organizations can evolve beyond the compliance checklist and overwhelming scanner results by employing threat simulations. We will discuss how threat simulations differ from penetration testing, how they can be used to help make your organization stronger, and how they can replace traditional penetration testing as part of a security program.

      We will focus on a discussion of attack chains, mapping methodologies to real world threats, and then look at a sample attack to see how a nominally compliant system can still be compromised.

      Read more >