A CISO's Take on Continuous Security Validation

Orchestrated Windows System Call Invocation without Detection

The Endpoint Detection and Response (EDR) promise of complete network visibility along with the ability to monitor and correlate events on the Operating System in real-time, leads many security professionals to believe they will decrease the number of blind spots for malware authors and penetration testers. But do we even know how EDR tools really work? Is this trust justified?


In our session, Pcysys Cyber Researcher, Eliran Nissan and Head of Research, Alex Spivakovski, will answer the above questions by demonstrating -

A new approach to autonomous SysCall invocations
A framework for invoking SysCalls to challenge your networks and products
Latest evasion techniques undetectable by many EDR/XDR products
on the market today

The importance of applying the attacker's perspective to network security testing and validation is becoming clearer and clearer to security professionals. It's not enough to blindly test for static vulnerabilities or even simulate attacks, for a chance to stay ahead, we need the attacker's mindset on our side.

Interview with a Hacker
In this exclusive interview two hackers discuss their approach to infiltrating the enterprise IT network.

Listen in to hear -

How today's attackers approach the IT network
Common exploitable vulnerabilities found in the enterprise
Latest hacking techniques executed today

As the attack surface continues to grow and the number of attacks increases, there still remains a gap when it comes to validating the effectiveness and accuracy of the enterprise’s cyber posture.

In this webinar, Pcysys Sales Engineer, Blake Strozdas, joins CISO, Karl Mattson, to review the path to cyber security validation in the enterprise.

Join us June 25th to hear -

Best practices for continuous security control validation
How to close the gap between policy and practice in the network
How to increase the productivity of their security teams
A new approach to risk-based remediation prioritization

The inability to continuously test security controls in the network and prioritize remediation according to business impact remains a challenge for security professionals worldwide.

Join our webinar, June 10th, to hear how enterprise security executives in the UK:

Enable secure business continuity on their extended networks
Continuously validate their cyber defenses with limited on-site access
Focus remediation only on breachable vulnerabilities
Regularly challenge their network against the MITRE ATT&CK framework

Quick-wins to Automate Cyber Defense Validation and Reduce Risk
Today’s remote work reality coupled with increased cyber-attacks have caused an information security ‘seismic wave’. Many organizations seek ways to automate any possible aspect of vulnerability assessment and security validation to support business continuity.

Aite Group conducted research and interviews with numerous security leaders regarding their use of automation to perform control validation. The research included details on strategies to reduce organizational cyber risk.

In this Webinar Aite Group Senior Analyst, Joseph Krull, reviews -

The recent leap in technology that allows for machine-based security validation
The difference between Breach and Attack Simulation (BAS) and Breach and Attack Emulation (BAE)
The desired mix of vulnerability management and penetration testing programs
A case study - a financial services organization’s use of breach and attack emulation to reduce overall cyber risk
Aite Group recommendations for organizations to improve their security testing efforts

The increase in remote workforce is extending the corporate “edge” to include the homes of employees, adding personal devices and networks to an already complex environment.

Join our webinar to hear how enterprise security executives globally leverage the platform to:

Secure their remote extended networks
Continuously validate their cyber defenses with zero on-site access
Focus remediation only on breachable vulnerabilities
Regularly challenge their network against the MITRE ATT&CK framework

Deliver remote automated penetration testing projects, with higher profit margins, with your existing team

In this webinar, Pcysys CEO, Amitai Ratzon discusses how you can now provide a more competitive, continuous and profitable network penetration testing service, especially in times of physical access limitations.

Your Takeaways:

Provide penetration testing services instantly from anywhere in the world
Increase your penetration testing productivity and margin
The easy path of integrating automation into your service offering
Help your customers grow a stronger security posture in the remote workforce era

Technologies and best practices in cyber security control validation

The inability to continuously test security controls in the network and prioritize remediation according to business impact remains a challenge for security professionals worldwide.

In this webinar, Karl Mattson, CISO, will review:

Best practices for continuous security control validation
Closing the gap between policy and practice in the network
How to enable your security team to be more productive
A new approach to risk-based remediation prioritization

In these unique time of remote work, securing the organizational network has become a challenge. To always stay ahead and constantly have visibility to what's happening, you can't do without continuous security validation. The Mime artist, Dani Aragon, explains.

Pcysys CEO Amitai Ratzon, sits down with former City National Bank CISO, Karl Mattson, to discuss the increasing need to continuously test cyber security controls and this activity’s place in the enterprise security program.

In this discussion, Karl shares how he integrated the automated penetration testing platform, PenTera, in his network and how it differs from breach and attack simulation products.

Karl Mattson, former CISO, City National Bank shares how the Automated Penetration testing platform, PenTera enabled the increase team productivity, complete network visibility and the growth of the organization's cyber resilience. Join us March 17th for the full interview!

Karl Mattson, former CISO, City National Bank explains the benefits in using automated penetration testing to validate security controls. Join us for the full interview March 17th!

Karl Mattson, former CISO, City National Bank explains how continuous security through Automated Pentesting fits into a CISO's strategy. Join us for the full interview March 17th!

Karl Mattson, former CISO, City National Bank explains why attack simulation isn't enough when defending the IT network in today's threatscape. Join us for the full interview March 17th!

PCYSYS, Cybertech Tel Aviv 2020
1-2-1 Interview - Amitai Ratzon, CEO

Sivan Harel presents the huge leap in technology which now enables automated network penetration testing.

Your Takeaways:

A fresh approach to risk-based vulnerability remediation prioritization
How to ensure your security posture is kept 24/7 in an ever-changing IT network
Closing the gap between policy and practice in your network
How to leverage your team to do more to improve your cyber resilience

Pcysys CEO Amitai Ratzon, sits down with Blackstone CISO, Adam Fletcher, to discuss the increasing need to automate security validation and this activity’s place in the enterprise security program.

In this discussion, Adam will share the reasons for backing the automated penetration testing platform, PenTera with funding, after running it on their network and how it differs from breach and attack simulation products.

We’ve all heard of the increasing sophistication of the threatscape, that attackers have the top malicious tools at their disposal to run havoc in any network they deem worthy. But what does that really mean? And how does it affect your network and cyber defense strategy?

Join Pcysys Head of Research, Alex Spivakovski, for a live demonstration of some of the top hacking techniques threatening enterprises today and how to test for them. See how the smallest misconfigurations in the network can lead to catastrophic outcomes or be remediated with ease. This is an opportunity to get acquainted with the evolving world of continuous cyber testing.

Some of the topics we’ll cover:

1. Live demonstration of top hacking techniques threatening enterprises today
2. Top breachable vulnerabilities in 2019 and how to reveal them in your network
3. A sustainable way to incorporate automation in your security validation practice to stay one step ahead of the attackers