The Future of Machine-Based Penetration Testing

Presented by

Sion Retzkin - Cronus Cyber Technologies

About this talk

The majority of internal and external cyber-attacks begin with exploiting vulnerabilities in the network and targeted applications. Over 99% of actual attacks exploit known vulnerabilities listed as known Common Vulnerabilities and Exposures (CVEs). The traditional defence is to probe the system using manual or automatic vulnerability scanning techniques; but this produces a lot of redundant and irrelevant information that does not shed any light as to whether a hacker can use the vulnerability to reach a critical asset. The only solution today is human penetration testing, but infrequent testing does not reflect the network's dynamic nature, especially in today's virtual and cloud based environments. A fresh approach to support manual penetration testing and enhance cyber resilience is to continuously and automatically test the network, applications and databases by using penetration testing techniques to expose vulnerabilities, establish complex attack path scenarios in real time and provide security and business insights to act on. This presentation will look at the technology and role of machine-based penetration testing.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (29)
Subscribers (2993)
CREST represents the technical information security industry by: - Offering a demonstrable level of assurance of processes and procedures of member organisations - Validating the competence of their technical security staff - Providing guidance, standards and opportunities to share and enhance knowledge - Providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development