Hi [[ session.user.profile.firstName ]]

Part II: A Day in the Life of an Ethical Hacker, with Callum Carney, SRT Member

Part II: A Day in the Life of an Ethical Hacker: A Discussion and Demo with Callum Carney, Synack Red Team Member

Join us for part II of this compelling webcast series. This time around Callum will share his screen and walk you through the SRT portal and process he follows when responding to vulns. He'll answer more questions and will show you what it's like to be a member of the Synack Red Team.

You'll hear about:
- SRT tools including the XSS Hunter

- What constitutes a vulnerability and the decisions that SRT members must make when faced with deciding what vulnerabilities are worth reporting

- How detailed an SRT member's report typically has to be in order to be accepted during the 24hr reporting timeframe

We hope you can join!
Recorded Aug 6 2019 35 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Callum Carney, Synack Red Team Member and Justin Shaw-Gray, Sales Director, Synack
Presentation preview: Part II: A Day in the Life of an Ethical Hacker, with Callum Carney, SRT Member

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How Continuous Security Testing Better Supports Rapid Software Development Dec 19 2019 5:00 pm UTC 49 mins
    Mohamed Abotaleb, Cyber Defence Center & IR Manager, Telefonica and Ron Peeters, Managing Director EMEA, Synack
    How Continuous Security Testing Better Supports Rapid Software Development and Increasingly Agile Systems

    Penetration testing is the traditional method used for uncovering exploitable vulnerabilities but falls progressively short in protecting the business due to its inability to emulate adversarial hacker behavior and today’s sophisticated cyber-attacks. Furthermore, periodic pen tests typically need to be scheduled at least several months in advance and thereby do not align with the short term urgency and nature of the continuous deployment required by DevOps SDLC. Hence, applications and updates go live without being thoroughly tested, resulting in the risk that at any moment in time serious vulnerabilities may be introduced into live systems and are not detected in a timely manner.

    Join speakers Mohamed Abotaleb and Ron Peeters and learn about:

    - The security issues and challenges of a rapid software development and deployment environment with agile systems

    - A new continuous security testing model that better supports DevOps SDLC and Cloud environment

    - How this testing model combines automation technology with continuous or on-demand manual security testing

    - A recent case study from Telefonica that demonstrates the benefits and capabilities of such continuous testing security model
  • Understanding Crowdsourced Security Models for Government Dec 18 2019 5:00 pm UTC 34 mins
    Paul Mote, Chief Solutions Architect
    Join Synack on a journey as we provide an overview of different crowdsourced security testing models such as Crowdsourced Penetration Testing, Bug Bounty, and Vulnerability Disclosure Policies. We will cover insights discussed in our recently published white paper, Crowdsourced Security White Paper: Adoption and Market Trends in the U.S. Government, and highlight the key differentiators in crowdsourced security models including vetting, technology, practical applications, and pricing. Come away with an understanding of what model(s) are right for your agency!
  • Day in the Life of an Ethical Hacker: A Discussion w/ Callum Carney, SRT Member Dec 17 2019 5:00 pm UTC 43 mins
    Callum Carney, Synack Red Team Member, Justin Shaw-Gray, Sales Director, Synack
    The Synack Red Team (SRT) gives the most talented security researchers across the globe a platform to do what they love and get paid for it. A private network of highly-curated and vetted security researchers, the SRT is challenged every day to deliver exploitation discovery and management for some of the biggest brands in the world. On the Synack platform, researchers have access to the industry’s first ever hacker toolkit built at enterprise scale, to make them more efficient and effective at uncovering critical vulnerabilities that matter.

    These ethical hackers are increasingly being recognised as an important way for businesses to unearth security weaknesses before they can be exploited by online criminals.

    In this Webinar, Synack Red Team member, Callum Carney joins Synack’s Justin Shaw Gray for an open conversation on what a day in the life of an ethical hacker is all about. He’ll discuss:

    - How he started his ethical hacker journey
    - Why he chose Synack
    - How it’s changed in the 2 years he’s been working with us
    - What information is critical to successful testing
    - Why you should be using ethical hackers
    - Processes used when a new target comes online.
    - And much much more


    Callum started his ethical hacking journey by supporting organisations such as Google, Spotify and Local UK Businesses to secure their systems. In January 2017, after noticing all of the great comments regarding the Synack platform (fast payouts, fast response times, etc), he applied for the Synack Red Team and was accepted. During his time with Synack he has worked to secure a multitude of systems including government and Fortune 500 enterprise systems. In addition to his work with Synack Callum is studying for an Undergraduate Masters Degree in Computer Science and working as a Software Tester/Developer for the UKs largest supplier of Functional Skills and GCSE assessments.
  • How to Partner to Build More Secure Products: Partnering on Product Development Dec 16 2019 5:30 pm UTC 34 mins
    Panel Discussion
    Partnerships are strategic differentiators that are critical for both startups and enterprise organizations. Navigating a partnership can be a complicated process , trying to integrate and combine two different cultures, processes, and cadence. Security is a critical piece of a successful partnership and should be part of your product development roadmap.

    In this panel discussion, leaders from large established financial service organizations and fintech startups discuss:
    -How to utilize strategic frameworks during your product development process
    -Why partnerships can be beneficial for both startups and enterprise companies and what outcomes you can expect from a strategic partnership
    -What the best practices are to ensure a partnership is set up for success
    -How you can ensure the security of your products through a partnership
    -What role compliance plays in partnerships

    Presenters:
    Meg Bear, SVP, Product & Engineering, Juvo (Moderator)
    Susan French, Head of Product, BBVA Open Platform
    Aisling MacRunnels, CMO & Founding Member, Synack
    Liz O’Donnell, Co Founder & COO, Wisetack
  • Scaling Success: 9 Things Great Security Teams Do (and 5 They Don't) Recorded: Nov 21 2019 24 mins
    Nick Harahill, VP of Operations, Synack
    Great Security Teams have certain best practices in common. And practices to avoid. Some of these are technical best practices; some are organizational. Each one helps the journey from reactive to proactive security as organizations and security needs scale.

    Join Synack's Nick Harrahill as he shares his experience working with hundreds of security teams on what the best security teams do...and do not.
  • Ramping Remediation: Journey of a Crowdsourced Vulnerability Recorded: Nov 21 2019 29 mins
    Rajesh Krishnan, Director, Product Marketing, Synack Steven Scoles, Security Analyst, Synack
    Security Testing focuses on closing vulnerabilities that are found via scanning, penetration testing, responsible disclosure or other means. But what's the full life of that vulnerability? Vulnerabilities are born, live, get found (if you're lucky), and at some point, end.

    In this session, we'll dig deeper into the lifecycle of a security vulnerability, to get better insights into how to avoid them, how to find them, and how to get rid of each one once and for all.
  • How Technology Augments Hackers to Hunt for Vulnerabilities Efficiently Recorded: Nov 20 2019 21 mins
    Sasha Krassiev, Phil Whitby, Director & Kaitna Shankar (Synack)
    Augmented Intelligence: How Technology Augments Hackers to Hunt for Vulnerabilities Efficiently

    AI and ML will never replace humans in security... but using it in the right way can augment the way humans hunt for vulnerabilites. Crowdsourced security testing is now being taken to another level with augmented intelligence.

    Learn from Synack's Directors of Engineering on how they are building technology to make security testing much more efficient and how their optimized approach of algorithmic scanning and human testing allows security teams to gain a more robust security posture.

    Sasha Krassiev, Sr. Director, Engineering, Synack
    Phil Whitby, Director, Engineering, Synack
    Kaitna Shankar, Product Marketing Manager, Synack
  • Best Practices for Compliance and Security Testing at Scale Recorded: Nov 20 2019 27 mins
    Paul Mote, Director of Solutions Architects for Federal, Synack Justine Desmond, Manager, Product Marketer, Synack
    Whether you are a security, IT, or audit executive, compliance can be difficult to scale with growing assets, IPs, and attack surfaces. Increaasingly, compliance and security testing are being integrated into the Software Development Life Cycle (SDLC) to help avoid last minute panic during deployment.

    Synack conducted a survey of 311 organizations to better understand how they make their compliance and security testing programs more efficient and effective.

    Some of the question we answer include:
    - Who should oversee compliance and security testing?
    - Which compliance and best practice standards are top of mind?
    - Which methods should be employed to perform security testing for compliance purposes?
    - How many hours are performed on average per a test?

    We hope you come away with a stronger vision for integrating your security testing, compliance and SDLC.
  • Keeping Pace with Process: Best Practices for Managing Security at Scale Recorded: Nov 20 2019 43 mins
    Nathan Jones, Director of Operations, Synack
    Managing the ever-expanding threat landscape, especially given how busy security teams already are, is becoming increasingly difficult. Security teams need integrated technology and tools to help them work smarter, not harder, when it comes to security.
    Nathan Jones, Director, Operations-Customer Success has deployed hundreds of security tests for customers across all industries. Nathan has analyzed and broken down best practices he has seen the most secure companies utilize to get the most value from their security testing.
    During this webinar you will learn:
    -Best practices for starting a crowdsourced security test
    -What to expect from a crowdsourced security test in your day to day
    -Integrating crowdsourced security data into your workflow
  • Scaling Down Risk: Managing Your Security Portfolio Recorded: Nov 20 2019 19 mins
    Luisa Antas, Manager, Customer Success, Synack & Ryan Cordell, Manager, Federal Operations, Synack
    In today's rapidly evolving threat landscape and hyper-connected infrastructure, security testing must keep up. To scale a security test, you need a crowd, but to maintain control over your enterprise-wide testing, you need technology and processes.

    In this webinar we will discuss:

    - How to manage and prioritize risk within your portfolio, how to prioritize across your apps and scale your security testing while mitigating risk
    - What technical controls you should look for in every security test
    - How to leverage your security testing to minimize security risk
  • Built to Scale: How to Select Security Vendors That Will Scale With You Recorded: Nov 20 2019 27 mins
    Nick Harahill, VP of Operations, Synack
    With more than 3,000 security vendors operating today, choosing the right vendor for your organization can be time-consuming, and differentiating amongst the thousands of vendors can feel impossible.

    During this webinar, we will break down how to select security testing vendors and find efficiencies among them, including:
    - The different types of security testing, their capabilities, and their pros and cons
    - The questions to ask in your RFPs
    - How to measure performance
  • How to Scale Security: Augmenting Security the Smart Way Recorded: Nov 20 2019 42 mins
    Aisling MacRunnels, Chief Marketing Officer, Synack & Ron Ulko, Information Security Manager, Domino's
    To scale security, you need a crowd. But to scale a crowd, you need technology. Sit down with Synack's CMO Aisling MacRunnels and Domino's Information Security Manager Ron Ulko as they discuss how security testing is being taken to another level using a crowdsourcd, AI-enabled approach.

    In this session, we'll hear how enterprise is modernizing their security practices and optimizing the use of humans and augmented intelligence to achieve more efficient, smart security testing at scale.
  • Use a Crowdsourced Penetration Test to Achieve Real Security and NIST 800-53 Recorded: Oct 17 2019 23 mins
    Justine Desmond, Manager - Product Marketing
    NIST 800-53 security controls are a best practice enterprises and government agencies use to secure their assets. This webinar is intended for security executives and auditors, who are considering proven methods for meeting compliance objectives for frameworks like FISMA, 27001, GDPR, and HIPAA. This webinar describes specific compliance frameworks relevant for NIST 800-53, the process of using Crowdsourced Penetration Testing and NIST 800-53 security controls to achieve your compliance goals, and how Synack’s solution for NIST 800-53 compares to traditional penetration testing and bug bounty.
  • GDPR: How to Avoid Being the Next Headline Recorded: Oct 8 2019 47 mins
    Andy Condliffe, Solutions Architect for EMEA, Synack
    Fines for GDPR breaches are here and the impact is huge. But these are just fines and not the actual cost of the breach. Personal data, company reputation, financial loss, all are at risk. Yet the problem is not being fully addressed. According to the 2019 Digital Business Report by UK software and services firm Advanced, “Despite the European Union’s General Data Protection Regulation (GDPR), only one third (34%) of respondents said regulatory change was triggering the purchase of new technology in their organization”. Less than 1/4 of UK firms priorities security when investing in new technology, despite the threat of cyber attacks and data protection regulations, surveys reveal. The big question now is… Will it happen to your company?

    In this webinar we will discuss

    - How likely your organization is to be affected by PII data leakage.
    - Synack’s innovative solution combining the best of artificial intelligence and crowdsourced human intelligence
    - How Synack can help protect you.
  • Part II: A Day in the Life of an Ethical Hacker, with Callum Carney, SRT Member Recorded: Aug 6 2019 35 mins
    Callum Carney, Synack Red Team Member and Justin Shaw-Gray, Sales Director, Synack
    Part II: A Day in the Life of an Ethical Hacker: A Discussion and Demo with Callum Carney, Synack Red Team Member

    Join us for part II of this compelling webcast series. This time around Callum will share his screen and walk you through the SRT portal and process he follows when responding to vulns. He'll answer more questions and will show you what it's like to be a member of the Synack Red Team.

    You'll hear about:
    - SRT tools including the XSS Hunter

    - What constitutes a vulnerability and the decisions that SRT members must make when faced with deciding what vulnerabilities are worth reporting

    - How detailed an SRT member's report typically has to be in order to be accepted during the 24hr reporting timeframe

    We hope you can join!
  • How Continuous Security Testing Better Supports Rapid Software Development Recorded: Jun 28 2019 50 mins
    Mohamed Abotaleb, Cyber Defence Center & IR Manager, Telefonica and Ron Peeters, Managing Director EMEA, Synack
    How Continuous Security Testing Better Supports Rapid Software Development and Increasingly Agile Systems

    Penetration testing is the traditional method used for uncovering exploitable vulnerabilities but falls progressively short in protecting the business due to its inability to emulate adversarial hacker behavior and today’s sophisticated cyber-attacks. Furthermore, periodic pen tests typically need to be scheduled at least several months in advance and thereby do not align with the short term urgency and nature of the continuous deployment required by DevOps SDLC. Hence, applications and updates go live without being thoroughly tested, resulting in the risk that at any moment in time serious vulnerabilities may be introduced into live systems and are not detected in a timely manner.

    Join speakers Mohamed Abotaleb and Ron Peeters and learn about:

    - The security issues and challenges of a rapid software development and deployment environment with agile systems

    - A new continuous security testing model that better supports DevOps SDLC and Cloud environment

    - How this testing model combines automation technology with continuous or on-demand manual security testing

    - A recent case study from Telefonica that demonstrates the benefits and capabilities of such continuous testing security model
  • Part II: A Day in the Life of an Ethical Hacker, with Callum Carney, SRT Member Recorded: Jun 12 2019 36 mins
    Callum Carney, Synack Red Team Member and Justin Shaw-Gray, Sales Director, Synack
    Part II: A Day in the Life of an Ethical Hacker: A Discussion and Demo with Callum Carney, Synack Red Team Member

    Join us for part II of this compelling webcast series. This time around Callum will share his screen and walk you through the SRT portal and process he follows when responding to vulns. He'll answer more questions and will show you what it's like to be a member of the Synack Red Team.

    You'll hear about:
    - SRT tools including the XSS Hunter

    - What constitutes a vulnerability and the decisions that SRT members must make when faced with deciding what vulnerabilities are worth reporting

    - How detailed an SRT member's report typically has to be in order to be accepted during the 24hr reporting timeframe

    We hope you can join!
  • Five ways the G2000 is Building Security and Trust Recorded: Jun 4 2019 29 mins
    Ravi Das, Cyber Security News and Ann-Marie (Punky) Witt, Synack
    We asked CISOs from the Global 2000, government agencies, and high-growth companies about their 2019 priorities. Across the board, they answered: effective, efficient security that is grounded in trust.

    In this new webinar Cyber Security News’ Ravi Das dives deep into the 2019 Trust Report findings with Synack’s Director of Product Marketing, Anne-Marie (Punky) Witt. In this webinar, Ravi and Punky discuss the key findings from the report, including:
    - The 2019 list of most secure and trusted industries
    - Average security performance over time (and the impact on trust scores)
    - The ROI of a continuous, integrated approach to security
    - Trends in severity of vulnerability findings and remediation
    - The 5 things that successful organizations are doing to build security and trust
  • Intelligence in Penetration Testing - Human vs. Artificial Recorded: May 7 2019 36 mins
    Doug Cody, Solutions Architect
    As cybercrime continues to evolve and the consequences and damages of an attack continue to increase, it is vital to manage vulnerabilities through security testing.

    Security Testing can be done in several different ways, the one that's best for you is the one that aligns with your threat model and traditional concerns. Join Doug Cody, Solutions Architect, Synack as he discusses the roles of scanners, penetration testing, bug bounty, AI and more.

    Join this webinar to learn:
    - How Different Vulnerabilities Map to Different Discovery Methods
    - What Scanners Really Do
    - What Penetration Testers Really Do
  • Essential Elements of a Penetration Test Recorded: Apr 23 2019 36 mins
    Jason Calvert, Synack Red Team / Rajesh Krishnan, Synack Product Marketing
    What do you get when you buy a penetration test? If it’s the same thing you got last time - maybe you’re not getting enough for your money. Technology for monitoring testing, analyzing traffic, and crowdsourcing have changed pen testing forever.

    Join security expert and Synack Red Team member Jason Calvert and Synack’s Rajesh Krishnan as they go through the Essential Elements. Viewers can learn:
    - Core components of a penetration test
    - Who uses the outputs and why
    - What you can now get above and beyond a plain penetration test
Synack
Synack is a security company revolutionizing how enterprises view cybersecurity: through a hacker’s eyes. Synack’s private, managed hacker-powered security solution arms clients with hundreds of the world's most skilled, highly vetted ethical hackers who provide a truly adversarial perspective to clients’ IT environments.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Part II: A Day in the Life of an Ethical Hacker, with Callum Carney, SRT Member
  • Live at: Aug 6 2019 5:00 pm
  • Presented by: Callum Carney, Synack Red Team Member and Justin Shaw-Gray, Sales Director, Synack
  • From:
Your email has been sent.
or close