40 min listen
Unavailable
Currently unavailable
DtR Episode 40 - Breakers, Builders, and the Enterprise
Currently unavailable
DtR Episode 40 - Breakers, Builders, and the Enterprise
ratings:
Length:
46 minutes
Released:
May 13, 2013
Format:
Podcast episode
Description
In this episode...
Kevin, James and I discuss why penetration testing reports are often so worthless
Kevin and I disagree. Then we agree, sort of.
We discuss the major differences between the 'builder' and 'breaker' mindset, and whether they're actually different people
Kevin gives some fantastic examples of how context and experience is critical in penetration testing
We provide guidance no how someone can 'break into' (no pun intended) penetration testing and be effective
Kevin gives an example of how someone can be a great penetration tester, but be of little value beyond that
We wrap by disussing how enterprises can gain value from penetration testing- and Kevin provides an interesting strategy
Guest
Kevin Johnson ( @SecureIdeas ) - Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub. Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
Kevin, James and I discuss why penetration testing reports are often so worthless
Kevin and I disagree. Then we agree, sort of.
We discuss the major differences between the 'builder' and 'breaker' mindset, and whether they're actually different people
Kevin gives some fantastic examples of how context and experience is critical in penetration testing
We provide guidance no how someone can 'break into' (no pun intended) penetration testing and be effective
Kevin gives an example of how someone can be a great penetration tester, but be of little value beyond that
We wrap by disussing how enterprises can gain value from penetration testing- and Kevin provides an interesting strategy
Guest
Kevin Johnson ( @SecureIdeas ) - Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub. Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
Released:
May 13, 2013
Format:
Podcast episode
Titles in the series (100)
DtSR Episode 349 - Verizon 2019 DBIR Double-Live Part 2: Guest: Gabriel Bassett by Backpacking Light Magazine Podcasts