Hi [[ session.user.profile.firstName ]]

Penetration Testing Redefined: Leveraging an Army of Ethical Hackers

Perfect security is a myth as attackers evolve. Trying to create a perfect defense usually ends up piling up layer after layer of defense, but each layer solves one part of a bigger problem, while introducing even more solutions to manage. As the endless series of recent breaches have proven, compliance, automated scanners or traditional penetration tests have failed to make us secure. What we really need is an easy way to see how we look from an enemy perspective.
Win by changing the game.

Instead of trying and failing to stop all attackers, make yourself so difficult to attack that their own cost-benefit analysis will prompt them to move on.

We call it Attacker Resistance and Synack can help you increase yours.

It's not just any “Crowd”. Recently, innovations in crowdsourced security show that motivated and prepared ethical hackers outperform the current standard in security testing methodologies. Crowdsourcing - combined with Synack’s unique software to assist ethical hackers - provides organizations with the data and proof of increased security through Attack Resistance.
Recorded Nov 14 2017 63 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Richard Cassidy, Head of Solution Engineering EMEA, Synack
Presentation preview: Penetration Testing Redefined: Leveraging an Army of Ethical Hackers

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Bringing Hacker-Powered Security Testing to DevOps SDLC Sep 27 2018 11:00 am UTC 60 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    DevOps allows organizations to bring web, mobile, and IoT applications to life faster than traditional SDLC models. However, continuous releases and updates introduce new risks by the way of exploitable vulnerabilities that are introduced and left undetected and unresolved/unpatched in the production stream.

    Traditional point-in-time penetration tests can’t keep up with the frequency and short deployment cycles of the modern DevOps organization. Traditional pen tests are usually conducted through checklist-based activities that lack the comprehensiveness to mimic and defend against sophisticated cyber attacks. The result? An increase in serious, exploitable vulnerabilities in live applications and a slew of high-profile breaches..

    Leading enterprise organizations are utilizing a crowdsourced security testing platform that combines continuous vulnerability scanning tools with manual, crowdsourced human security testing. This model of offensive and adversarial-based testing delivers realistic attack traffic on customers’ applications, resulting in effective vulnerability discovery and management and “smart” security intelligence without compromising security and control. Scalable and controlled crowdsourced testing at a continuous cadence is the answer for secure DevOps SDLC.

    Join this session by Andy Condliffe of Synack EMEA as he shares how Synack can help lower the risks of dynamic deployments with a continuous, human, offensive security testing model that’s better suited for the modern DevOps organization
  • The Complete Guide to Responsible Disclosure Programs Sep 25 2018 5:00 pm UTC 60 mins
    Rajesh Krishnan, Product Marketing, Synack.
    To beat criminal hackers, it helps to have ethical ones on your side. Responsible Disclosure Programs - where companies invite suspected security vulnerability reports from the public - have been on the rise in the past few years. Should your company consider Responsible Disclosure? Learn more about the ins and outs of these types of programs and how they can differ in the level of liability and management incurred. Technical. Social, Legal, and other indicators will all be raised.
  • Penetration Testing or Vulnerability Scanning - Aren’t they the same thing? Recorded: Jul 24 2018 53 mins
    Mike Larmie, Federal Solutions Architect, Synack
    Take a look behind the curtain and decide for yourself. Join government security expert Mike Larmie as he breaks down the key differences. He will share what your agency needs to know to make sure your security program is both identifying vulnerabilities and reducing risk of exploit. He will cover the techniques, tools, and tradecraft of each, as well as common questions such as:

    -Who performs the services?
    -How often do they run in a network environment?
    -What’s covered in their data output and reporting?
    -What’s their value?

    Mike will present how government agencies are reinventing how they conduct security testing to achieve greater efficiency and ROI. Learn how your agency’s security team CAN achieve security without compromise.

    BIO: Mike Larmie, Federal Solutions Architect at Synack has more than 20 years of IT Security Experience, and has been involved with countless missions within the DoD, Intel and Civilian Federal Agencies. He has a wealth of experience having worked at companies such as Tenable, Sourcefire, Rapid7, Infoblox, G2 and others.
  • Hacker Powered Cloud Security Testing Recorded: Jul 24 2018 60 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Making Clouds Secure Again (or for the First Time!) Recorded: Jul 17 2018 48 mins
    Doug Cody, Solutions Architect, Synack
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Hacker-Powered Cybersecurity with Ted Lieu Recorded: Jul 10 2018 2 mins
    Mark Kuhr, CTO & Co-founder of Synack, Congressman Ted Lieu, Representing the 33rd District of California
    Rep. Ted Lieu made the case for instituting crowdsourced security as the testing standard across agencies through bipartisan legislation such as Hack Your State Department Act. As security leaders, Turskey and Steiger highlighted how crowdsourced security improves security and ROI when done in the right way. The briefing answered the questions:

    What processes and controls should be put in place to garner maximum control from crowdsourced security programs?
    How do I reduce my security risk without introducing new risk into the system through crowdsourcing?
    How do I integrate crowdsourced security into my operations to augment and accelerate my security team’s efforts?

    Watch the video to hear a summary of what was discussed!
  • CNBC Disruptor’s Identity Protection in a Fintech World Recorded: Jun 28 2018 32 mins
    Jay Kaplan, CEO, Synack; Stephen Ufford, CEO Trulioo moderated by Jordan Novet
    Jay Kaplan, CEO and Co-Founder of Synack and Stephen Ufford, CEO and Co-Founder of Trulioo, sit down to talk about identity protection in fintech at emerge Americas 2018. Moderated by CNBC's Jordan Novet.
  • Synack at Infosecurity Europe: Interview with Andy Condliffe Recorded: Jun 26 2018 11 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    Hear Andy Condliffe, Solutions Architect at Synack EMEA as he discusses who Synack are, why traditional penetration testing models are failing for modern enterprises, why crowdsource security testing is becoming an emerging method of keeping organizations secure from sophisticated attackers.
  • Next-Generation Penetration Testing - Go Beyond Just Compliance Recorded: Jun 19 2018 46 mins
    Andy Condliffe, Solution Architect
    What’s your standard penetration testing getting you? Compliance and a vague summary report. What could you get with a crowdsourced penetration test from Synack?

    - A crowd of top, trusted researchers
    - Technology that optimizes for testing efficiency, control, and visibility
    - Managed workflow processes
    - Own the IP of all discovered vulnerabilities with none of the liability.

    Stop settling for the ordinary...Try the Next-Gen. See how you can go beyond just compliance by joining our webinar. You will learn:

    - The problems that traditional penetration testing haven’t addressed
    - How Synack’s crowdsourced platform offers a better pen test and better customer experience
    - Specific use cases for a Synack crowdsourced penetration test
  • Evolution of cyberattacks and how to lower your vulnerabilities against them Recorded: Jun 7 2018 63 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    In today’s cybercriminal world, the perception of attacker capability is vastly different from the reality of what organisations are having to defend against. Furthermore, an understanding of what attackers are after, why and how they monetize stolen or compromised assets, serves as one of the key factors in better understanding how current defenses and security processes, tools and frameworks, stack up, against the latest techniques available to the cybercriminal elite.

    Join this webinar to learn:

    How the three main attacks classes have evolved over the decades

    What tools, techniques and procedures cybercriminals use today, with a deeper dive view of the cybercriminal economy that allows instant monetization of stolen or compromised business assets

    What the most popular tools used today are and provide insights into a concerning (but rapidly growing) trend in attacker automation, with levels of sophistication akin to the capabilities of nation state groups

    How to build an effective security testing programme in response to these changing trends and capabilities by the adversary and how to disrupt the attacker

    Through the employment of your own sophisticated security functions and frameworks, to help originations change the game in what has become an adversarial golden age for cybercriminals across the world
  • How Banco Santander CISO Manages Cyber Risk Recorded: Jun 7 2018 4 mins
    Dave Sheridan, UK CISO, Santander
    Dave Sheridan, Banco Santander (UK) CISO, talks about his journey with Synack and how Synack helps him find unknown vulnerabilities and manage the organization's cyber risk.
  • National Security: Emerging Threats Recorded: May 30 2018 7 mins
    Jay Kaplan, CEO, Synack & H.E. Hyneck Kmoníček, Ambassador of the Czech Republic to the United States
    Jay Kaplan, CEO & Co-Founder, Synack, and H.E. Hyneck Kmoníček, Ambassador of the Czech Republic to the United States speak on a panel for "The Future of Global Cities" Conference hosted by Axios.

    Kaplan and Kmoníček explore cybersecurity as one of the biggest issues facing global cities.
  • The Complete Guide to Crowdsourced Security Testing Recorded: May 22 2018 22 mins
    Rajesh Krishnan, Product Marketing, Synack
    Adoption of bug bounty programs has doubled in the past 3 years, shining a light on crowdsourced security testing options. The bug bounty model, which incentivizes a crowd of creative hackers to probe organizations’ digital assets for exploitable vulnerabilities, has proven quite effective. However, not all crowdsourced testing programs are equal. All programs crowdsource hackers, most incorporate levels of controls for trust and accountability, and some use testing data to help break down testing coverage levels and risk management.

    Join this webinar to learn:
    - Why crowdsourcing hackers and bug bounty is trending
    - Who these crowdsourced hackers are and what they do
    - Where crowdsourced security programs differ
    - How to decide what crowdsourced programs best fit your organization
    - Where the future of crowdsourced security is heading
  • Realistic Risk Scores Recorded: May 14 2018 2 mins
    Mark Kuhr, CTO & Co-founder of Synack
    Join Synack's CTO Mark Kuhr discuss a new risk management framework.
  • TAG Cyber Interview: The Future of Penetration Testing Recorded: May 9 2018 23 mins
    Jay Kaplan, CEO, Synack& Ed Amoroso, Tag Cyber
    Synack Co-Founder and CEO Jay Kaplan talks about the past, present, and future of the company with Ed Amoroso of Tag Cyber.
  • Synack Ethical Hackers Hack the Pentagon Recorded: May 9 2018 5 mins
    Mark Kuhr, CTO, Synack & Aaron Boyd, Editor, Federal Times
    Synack Co-Founder/CTO Mark Kuhr discusses Synack's role in the Department of Defense's Hack the Pentagon program with Federal Times editor Aaron Boyd. Mark explains why government agencies like the DoD trust Synack to test their most sensitive IT assets and how Synack finds and vets the world's most skilled, ethical hackers for the Synack Red Team.
  • Intel Capital Global Summit with Jay Kaplan, CEO of Synack Recorded: May 9 2018 8 mins
    Jay Kaplan, CEO, Synack
    Synack CEO and Co-Founder Jay Kaplan talks about the company's history, culture, momentum, and goals for the future at the Intel Capital Global Summit 2018.
  • Using Offensive Security Testing to Safeguard Critical Assets in the Middle East Recorded: May 8 2018 53 mins
    Ron Peeters, Managing Director EMEA, Synack
    Are you looking to reduce exploitable vulnerabilities against increasingly sophisticated cyber attacks? No longer are sophisticated organizations settling for regular penetration tests and automated scanning tools. Even the most sophisticated scanning technology will deliver many false positives, and periodic pentests have become a checkbox-based activity performed by junior researchers looking for low hanging fruit. So, how are organizations becoming secure without compromise?

    Join this webinar to learn the new approach to security testing which enables organizations to deploy hundreds of offensive security testers with a hacker mindset and intelligent technology to find and fix vulnerabilities before criminal hackers have the chance to exploit them. You will learn:

    - Why traditional scanners and penetration testing are failing to make organizations secure
    - How existing processes don't support the secure development of applications in DevOps and SDLC
    - How offensive security testing with a hacker mindset is transforming the industry
    - How Synack found serious exploits within a few hours of deploying its offensive security testing on critical assets in the US Department of -
    Defense’s systems during our “Hack the Pentagon” program
    - Why Middle East customers are starting to adopt this innovative model
  • How to Lower Vulnerability Risk of DevOps SDLC w/ Continuous Security Testing Recorded: Apr 24 2018 52 mins
    Ron Peeters, Managing Director EMEA, Synack
    DevOps allows organizations to bring web and mobile applications to life faster than traditional SDLC. However with more frequent application updates, there is increased risk of introducing exploitable vulnerabilities to the production stream that won't get detected.

    Traditional penetration testing can't keep up with the frequency and such short deployment cycles and due to its compliance based nature is not comprehensive enough to mimic increasingly sophisticated cyberattack behavior. The result is many high-profile breaches and an increase of serious, exploitable vulnerabilities in live applications.

    Leading organizations are moving towards a security testing model that combines continuous vulnerability scanning tools with continuous manual testing. The manual security testing is performed by international top class Security Researchers who perform offensive and adversarial-based testing that more closely resembles real attack traffic and better aligns with DevOps SDLC.

    Join this webinar led by Ron Peeters, Managing Director of Synack, to learn more about how continuous application security testing lowers the risk of dynamic deployments with DevOps SDLC Synack’s continuous, offensive security testing model better supports DevOps SDLC and lowers the risk of being breached.
  • Offensive Security Testing with a Hacker Mindset Recorded: Mar 22 2018 59 mins
    Ron Peeters, Managing Director EMEA, Synack
    Are you looking to reduce exploitable vulnerabilities against increasingly sophisticated cyber attacks? No longer are sophisticated organizations settling for regular penetration tests and automated scanning tools. Even the most sophisticated scanning technology will deliver many false positives, and periodic pentests have become a checkbox-based activity performed by junior researchers looking for low hanging fruit. So, how are organizations becoming secure without compromise?

    Join our webinar to learn about a new approach to security testing which enables organizations to deploy hundreds of offensive security testers with a hacker mindset and intelligent technology to find and fix vulnerabilities before criminal hackers have the chance to exploit them. You will learn:

    - Why traditional scanners and penetration testing are failing to make organizations secure
    - How offensive security testing with a hacker mindset is transforming the industry
    - How Synack found serious exploits within a few hours of deploying its offensive security testing on critical assets in the US Department of -
    Defense’s systems during our “Hack the Pentagon” program
    - Why European customers are starting to adopt this innovative model
Synack
Synack is a security company revolutionizing how enterprises view cybersecurity: through a hacker’s eyes. Synack’s private, managed hacker-powered security solution arms clients with hundreds of the world's most skilled, highly vetted ethical hackers who provide a truly adversarial perspective to clients’ IT environments.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Penetration Testing Redefined: Leveraging an Army of Ethical Hackers
  • Live at: Nov 14 2017 10:00 am
  • Presented by: Richard Cassidy, Head of Solution Engineering EMEA, Synack
  • From:
Your email has been sent.
or close