Hi [[ session.user.profile.firstName ]]

Penetration Testing Redefined: Leveraging an Army of Ethical Hackers

Perfect security is a myth as attackers evolve. Trying to create a perfect defense usually ends up piling up layer after layer of defense, but each layer solves one part of a bigger problem, while introducing even more solutions to manage. As the endless series of recent breaches have proven, compliance, automated scanners or traditional penetration tests have failed to make us secure. What we really need is an easy way to see how we look from an enemy perspective.
Win by changing the game.

Instead of trying and failing to stop all attackers, make yourself so difficult to attack that their own cost-benefit analysis will prompt them to move on.

We call it Attacker Resistance and Synack can help you increase yours.

It's not just any “Crowd”. Recently, innovations in crowdsourced security show that motivated and prepared ethical hackers outperform the current standard in security testing methodologies. Crowdsourcing - combined with Synack’s unique software to assist ethical hackers - provides organizations with the data and proof of increased security through Attack Resistance.
Recorded Nov 14 2017 63 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Richard Cassidy, Head of Solution Engineering EMEA, Synack
Presentation preview: Penetration Testing Redefined: Leveraging an Army of Ethical Hackers

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Penetration Testing or Vulnerability Scanning - Aren’t they the same thing? Dec 18 2018 7:00 pm UTC 53 mins
    Mike Larmie, Federal Solutions Architect, Synack
    Take a look behind the curtain and decide for yourself. Join government security expert Mike Larmie as he breaks down the key differences. He will share what your agency needs to know to make sure your security program is both identifying vulnerabilities and reducing risk of exploit. He will cover the techniques, tools, and tradecraft of each, as well as common questions such as:

    -Who performs the services?
    -How often do they run in a network environment?
    -What’s covered in their data output and reporting?
    -What’s their value?

    Mike will present how government agencies are reinventing how they conduct security testing to achieve greater efficiency and ROI. Learn how your agency’s security team CAN achieve security without compromise.

    BIO: Mike Larmie, Federal Solutions Architect at Synack has more than 20 years of IT Security Experience, and has been involved with countless missions within the DoD, Intel and Civilian Federal Agencies. He has a wealth of experience having worked at companies such as Tenable, Sourcefire, Rapid7, Infoblox, G2 and others.
  • The Complete Guide to Crowdsourced Security Testing Dec 13 2018 6:00 pm UTC 22 mins
    Rajesh Krishnan, Product Marketing, Synack
    Adoption of bug bounty programs has doubled in the past 3 years, shining a light on crowdsourced security testing options. The bug bounty model, which incentivizes a crowd of creative hackers to probe organizations’ digital assets for exploitable vulnerabilities, has proven quite effective. However, not all crowdsourced testing programs are equal. All programs crowdsource hackers, most incorporate levels of controls for trust and accountability, and some use testing data to help break down testing coverage levels and risk management.

    Join this webinar to learn:
    - Why crowdsourcing hackers and bug bounty is trending
    - Who these crowdsourced hackers are and what they do
    - Where crowdsourced security programs differ
    - How to decide what crowdsourced programs best fit your organization
    - Where the future of crowdsourced security is heading
  • Why your penetration tests in 2018 were a let down and best practices for 2019 Recorded: Dec 5 2018 53 mins
    Quoc Dang, Andy Condliffe, Synack EMEA
    You know that standard penetration tests delivered by the BIG 5 misses the mark when it comes to protecting the new needs of the cyber-secure, agile, data-driven organisation. You probably run them once or thrice a year to tick a compliance box or because your superiors have told you to do so. Why settle for the old way of doing a penetration test performed by a couple of junior testers only to wait weeks for the reports and be disappointed with the results? Join the Synack EMEA team for an upcoming webinar where we will share how crowdsourced security testing is modernizing the pen test for agile, data-driven organisations who need, more than ever, to be secure. We will cover:

    What's wrong with traditional penetration tests
    Why smarter, innovative organizations adopt a continuous, crowdsourced approach to security testing
    How the use of AI, bug bounty and smart technology transforms testing results
    When you can started your own crowdsourced security testing
  • Beyond Bug Bounty in Financial Services Recorded: Nov 7 2018 60 mins
    Karl Schimmeck, Morgan Stanley; Jay Kaplan, Synack; Mikhail Sosonkin, Synack Red Team; Sean Sposito, Javelin Strategies
    Penetration testing is not a new concept – and that’s the problem, especially for financial institutions working to protect their financial assets and customer data in a modern, digital economy.

    Banks, credit card companies, digital currency exchanges, and other financial institutions from the Fortune 500 to early stage companies are turning to crowdsourced security to get beyond penetration testing and achieve both real security and compliance.

    Karl Schimmeck, Executive Director, Global Head of Vulnerability Management at Morgan Stanley, recently took the stage with Jay Kaplan, CEO & Co-Founder of Synack, and Mikhail Sosonkin, Synack Red Team member, at leading payments conference Money20/20 to talk about how the industry is conducting more aggressive security testing in a controlled, efficient, results-oriented way.
  • Security & Democracy: Collaborating on Election Security Recorded: Nov 6 2018 55 mins
    Chris Krebs and tech leaders Synack, Microsoft, and Cloudflare
    Under Secretary for the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) Chris Krebs and tech leaders Synack, Microsoft, and Cloudflare came together in Washington D.C. today through a “Security and Democracy” event convened by TheBridge. This event brought together private companies who are driving election security initiatives with the Department of Homeland Security to discuss the election threat landscape, the progress of public-private collaboration efforts to secure the election process, and the future outlook on local elections and election security.
  • Offensive Security Testing for SAP HANA and Fiori Apps; why you are at risk ... Recorded: Nov 6 2018 59 mins
    Ron Peeters, Synack; Uemit Uezdurmus; SAP; Holger Stumm, CEO of LOG2
    SAP HANA environments have complex architectures with large attack surfaces and many potential breach points. They are often exposed and external facing to a large extent i.e. SAP FIORI Apps. Traditional compliance-based pen tests and vulnerability scanning simply aren’t able to mimic sophisticated cyber attacks in order to find and fix exploitable vulnerabilities. This puts your organization at great risk of being compromised, data breaches and GDPR violations. So what are the options?

    Join this session as we outline the need for a smarter security testing solution that is offensive, mimics attacker behaviour, reduces your attack surface, and lowers vulnerabilities against sophisticated attacks. We will cover:

    How a crowd of elite security testers can be deployed rapidly to uncover serious vulnerabilities in your external facing SAP applications
    How a continuous offensive security approach to your SAP landscape is needed in support of modern agile SDLC / DevOps environments

    Presented by:

    – Uemit Uezdurmus, Global Head of SAP Managed Security Services, SAP

    – Holger Stumm, CEO of LOG2, a Germany based specialist in SAP security testing for 30+ years

    – Ron Peeters, Managing Director EMEA of Synack, a Silicon Valley based leader in Offensive Security Testing.
  • TAG Cyber Interview: The Future of Penetration Testing Recorded: Oct 8 2018 23 mins
    Jay Kaplan, CEO, Synack& Ed Amoroso, Tag Cyber
    Synack Co-Founder and CEO Jay Kaplan talks about the past, present, and future of the company with Ed Amoroso of Tag Cyber.
  • Bringing Hacker-Powered Security Testing to DevOps SDLC Recorded: Sep 27 2018 51 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    DevOps allows organizations to bring web, mobile, and IoT applications to life faster than traditional SDLC models. However, continuous releases and updates introduce new risks by the way of exploitable vulnerabilities that are introduced and left undetected and unresolved/unpatched in the production stream.

    Traditional point-in-time penetration tests can’t keep up with the frequency and short deployment cycles of the modern DevOps organization. Traditional pen tests are usually conducted through checklist-based activities that lack the comprehensiveness to mimic and defend against sophisticated cyber attacks. The result? An increase in serious, exploitable vulnerabilities in live applications and a slew of high-profile breaches..

    Leading enterprise organizations are utilizing a crowdsourced security testing platform that combines continuous vulnerability scanning tools with manual, crowdsourced human security testing. This model of offensive and adversarial-based testing delivers realistic attack traffic on customers’ applications, resulting in effective vulnerability discovery and management and “smart” security intelligence without compromising security and control. Scalable and controlled crowdsourced testing at a continuous cadence is the answer for secure DevOps SDLC.

    Join this session by Andy Condliffe of Synack EMEA as he shares how Synack can help lower the risks of dynamic deployments with a continuous, human, offensive security testing model that’s better suited for the modern DevOps organization
  • The Complete Guide to Responsible Disclosure Programs Recorded: Sep 25 2018 28 mins
    Rajesh Krishnan, Product Marketing, Synack.
    To beat criminal hackers, it helps to have ethical ones on your side. Responsible Disclosure Programs - where companies invite suspected security vulnerability reports from the public - have been on the rise in the past few years. Should your company consider Responsible Disclosure? Learn more about the ins and outs of these types of programs and how they can differ in the level of liability and management incurred. Technical. Social, Legal, and other indicators will all be raised.
  • Penetration Testing or Vulnerability Scanning - Aren’t they the same thing? Recorded: Jul 24 2018 53 mins
    Mike Larmie, Federal Solutions Architect, Synack
    Take a look behind the curtain and decide for yourself. Join government security expert Mike Larmie as he breaks down the key differences. He will share what your agency needs to know to make sure your security program is both identifying vulnerabilities and reducing risk of exploit. He will cover the techniques, tools, and tradecraft of each, as well as common questions such as:

    -Who performs the services?
    -How often do they run in a network environment?
    -What’s covered in their data output and reporting?
    -What’s their value?

    Mike will present how government agencies are reinventing how they conduct security testing to achieve greater efficiency and ROI. Learn how your agency’s security team CAN achieve security without compromise.

    BIO: Mike Larmie, Federal Solutions Architect at Synack has more than 20 years of IT Security Experience, and has been involved with countless missions within the DoD, Intel and Civilian Federal Agencies. He has a wealth of experience having worked at companies such as Tenable, Sourcefire, Rapid7, Infoblox, G2 and others.
  • Hacker Powered Cloud Security Testing Recorded: Jul 24 2018 60 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Making Clouds Secure Again (or for the First Time!) Recorded: Jul 17 2018 48 mins
    Doug Cody, Solutions Architect, Synack
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Hacker-Powered Cybersecurity with Ted Lieu Recorded: Jul 10 2018 2 mins
    Mark Kuhr, CTO & Co-founder of Synack, Congressman Ted Lieu, Representing the 33rd District of California
    Rep. Ted Lieu made the case for instituting crowdsourced security as the testing standard across agencies through bipartisan legislation such as Hack Your State Department Act. As security leaders, Turskey and Steiger highlighted how crowdsourced security improves security and ROI when done in the right way. The briefing answered the questions:

    What processes and controls should be put in place to garner maximum control from crowdsourced security programs?
    How do I reduce my security risk without introducing new risk into the system through crowdsourcing?
    How do I integrate crowdsourced security into my operations to augment and accelerate my security team’s efforts?

    Watch the video to hear a summary of what was discussed!
  • CNBC Disruptor’s Identity Protection in a Fintech World Recorded: Jun 28 2018 32 mins
    Jay Kaplan, CEO, Synack; Stephen Ufford, CEO Trulioo moderated by Jordan Novet
    Jay Kaplan, CEO and Co-Founder of Synack and Stephen Ufford, CEO and Co-Founder of Trulioo, sit down to talk about identity protection in fintech at emerge Americas 2018. Moderated by CNBC's Jordan Novet.
  • Synack at Infosecurity Europe: Interview with Andy Condliffe Recorded: Jun 26 2018 11 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    Hear Andy Condliffe, Solutions Architect at Synack EMEA as he discusses who Synack are, why traditional penetration testing models are failing for modern enterprises, why crowdsource security testing is becoming an emerging method of keeping organizations secure from sophisticated attackers.
  • Next-Generation Penetration Testing - Go Beyond Just Compliance Recorded: Jun 19 2018 46 mins
    Andy Condliffe, Solution Architect
    What’s your standard penetration testing getting you? Compliance and a vague summary report. What could you get with a crowdsourced penetration test from Synack?

    - A crowd of top, trusted researchers
    - Technology that optimizes for testing efficiency, control, and visibility
    - Managed workflow processes
    - Own the IP of all discovered vulnerabilities with none of the liability.

    Stop settling for the ordinary...Try the Next-Gen. See how you can go beyond just compliance by joining our webinar. You will learn:

    - The problems that traditional penetration testing haven’t addressed
    - How Synack’s crowdsourced platform offers a better pen test and better customer experience
    - Specific use cases for a Synack crowdsourced penetration test
  • Evolution of cyberattacks and how to lower your vulnerabilities against them Recorded: Jun 7 2018 63 mins
    Andy Condliffe, Solution Architect EMEA, Synack
    In today’s cybercriminal world, the perception of attacker capability is vastly different from the reality of what organisations are having to defend against. Furthermore, an understanding of what attackers are after, why and how they monetize stolen or compromised assets, serves as one of the key factors in better understanding how current defenses and security processes, tools and frameworks, stack up, against the latest techniques available to the cybercriminal elite.

    Join this webinar to learn:

    How the three main attacks classes have evolved over the decades

    What tools, techniques and procedures cybercriminals use today, with a deeper dive view of the cybercriminal economy that allows instant monetization of stolen or compromised business assets

    What the most popular tools used today are and provide insights into a concerning (but rapidly growing) trend in attacker automation, with levels of sophistication akin to the capabilities of nation state groups

    How to build an effective security testing programme in response to these changing trends and capabilities by the adversary and how to disrupt the attacker

    Through the employment of your own sophisticated security functions and frameworks, to help originations change the game in what has become an adversarial golden age for cybercriminals across the world
  • National Security: Emerging Threats Recorded: May 30 2018 7 mins
    Jay Kaplan, CEO, Synack & H.E. Hyneck Kmoníček, Ambassador of the Czech Republic to the United States
    Jay Kaplan, CEO & Co-Founder, Synack, and H.E. Hyneck Kmoníček, Ambassador of the Czech Republic to the United States speak on a panel for "The Future of Global Cities" Conference hosted by Axios.

    Kaplan and Kmoníček explore cybersecurity as one of the biggest issues facing global cities.
  • The Complete Guide to Crowdsourced Security Testing Recorded: May 22 2018 22 mins
    Rajesh Krishnan, Product Marketing, Synack
    Adoption of bug bounty programs has doubled in the past 3 years, shining a light on crowdsourced security testing options. The bug bounty model, which incentivizes a crowd of creative hackers to probe organizations’ digital assets for exploitable vulnerabilities, has proven quite effective. However, not all crowdsourced testing programs are equal. All programs crowdsource hackers, most incorporate levels of controls for trust and accountability, and some use testing data to help break down testing coverage levels and risk management.

    Join this webinar to learn:
    - Why crowdsourcing hackers and bug bounty is trending
    - Who these crowdsourced hackers are and what they do
    - Where crowdsourced security programs differ
    - How to decide what crowdsourced programs best fit your organization
    - Where the future of crowdsourced security is heading
  • Realistic Risk Scores Recorded: May 14 2018 2 mins
    Mark Kuhr, CTO & Co-founder of Synack
    Join Synack's CTO Mark Kuhr discuss a new risk management framework.
Synack
Synack is a security company revolutionizing how enterprises view cybersecurity: through a hacker’s eyes. Synack’s private, managed hacker-powered security solution arms clients with hundreds of the world's most skilled, highly vetted ethical hackers who provide a truly adversarial perspective to clients’ IT environments.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Penetration Testing Redefined: Leveraging an Army of Ethical Hackers
  • Live at: Nov 14 2017 10:00 am
  • Presented by: Richard Cassidy, Head of Solution Engineering EMEA, Synack
  • From:
Your email has been sent.
or close