It’s Not About the “Warm Fuzzy” – How to Plan for a Comprehensive Penetration Exercise

Expo Theatre (Hall G) October 18, 2011 - Feedback     

Bookmark and Share

Kai Axford

It’s time for your annual, mandated penetration test. It may not be accurate, but who cares? You passed! Your boss has a “warm fuzzy”! But where is the business value in testing the perimeter if the perimeter is not the target? It’s time we stopped kidding ourselves and started looking at testing that actually does some good. The bad guys aren’t going try to exploit a web application and then stop because your boss decided that social engineering was deemed “out of scope”. Join Kai Axford and his team of experts as they provide first-hand experience in explaining how to design and plan for a test that will actually work towards making you secure, not just compliant, and allow you to gain some true business value out of the exercise.