Secure Penetration Testing Operations Black Hat USA 2016 August 3, 2016
August 3, 2016
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
Black Hat USA 2016
Las Vegas, NV
Join Director of Cyber Operations Wesley McGrew, Ph.D., as he presents Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools at Black Hat USA 2016.
Following previous presentations on the dangers penetration testers face in using current off-the-shelf tools and practices, this presentation explores how widely available learning materials used to train penetration testers lead to inadequate protection of client data and penetration testing operations. With widely available books and other training resources targeting the smallest set of prerequisites, in order to attract the largest audience, many penetration testers adopt the techniques used in simplified examples to real world tests, where the network environment can be much more dangerous. Malicious threat actors are incentivized to attack and compromise penetration testers, and given current practices, can do so easily and with dramatic impact. This presentation will include a live demonstration of techniques for hijacking a penetration tester's normal practices, as well as guidance for examining and securing your current testing procedures. Tools shown in this demonstration will be released along with the talk.
For more information about this conference, click here.