DEF CON 24 Secure Penetration Testing Operations August 6, 2016
August 6, 2016
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
DEF CON 24
Las Vegas, NV
Join Director of Cyber Operations Wesley McGrew, Ph.D., as he presents Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools at DEF CON 24.
Following previous presentations on the dangers penetration testers face in using current off-the-shelf tools and practices (Pwn the Pwn Plug and I Hunt Penetration Testers), this third presentation explores how widely available learning materials used to train penetration testers lead to inadequate protection of client data and penetration testing operations. With widely available books and other training resources targeting the smallest set of prerequisites, in order to attract the largest audience, many penetration testers adopt the techniques used in simplified examples to real world tests, where the network environment can be much more dangerous. Malicious threat actors are incentivized to attack and compromise penetration testers, and given current practices, can do so easily and with dramatic impact.
For more information about this conference, click here.