Pentesting - Crowdsourced vs Traditional vs Automated - Which One Is For Me?

Presented by

Alex Haynes, CISO, CDL

About this talk

Penetration testing has evolved dramatically in recent years with crowdsourced pen testing and automated pen testing now viable solutions to the traditional approach of having a lone pen tester assess your environment. But what exactly are these offerings? How do they compare to each other and to traditional pen testing? This session will explain each methodology and cover the pros and cons of each approach. We'll also cover which technique works best for different uses cases (such as internal and external pen tests, as well as device testing and IoT). At each stage, live examples taken from pen testing engagements will be used to illustrate the efficacy or weakness of each methodology. Learning objectives: 1. Understand the weaknesses of traditional pen testing. 2. Understand and learn about crowdsourced pen testing and automated pen testing—what it is, including pros and cons. 3. Learn when to apply a pen testing methodology for different use cases.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (108)
Subscribers (15508)
(ISC)² Security Congress channel contains digital content of activities at (ISC)2's Flagship conference event. You'll find keynotes, sessions and related items.