At our next meeting, Tony will be giving his presentation titled:
Stupid Things Pentesters Do: Frustrations of an Internal Security Guy.
Many of us have heard about point n click pentesters and firms that deliver Nessus reports as penetration tests. That is not what this talk is about. It is about penetration testers not only failing to deliver value but also creating scenarios that create additional risk for their customers. Testing often creates availability concerns but far more importantly, improper testing activities and ignorance of data handling can generate significant exposure of sensitive information. Even worse, customers don’t know what to expect from their consultants and this disconnect creates a scenario where the business value they were hoping to realize never materializes and they never realize how badly they just got punk’d. And paid for the privilege. But at least the auditor is happy. Join us as we explore some of these issues and identify how customers can become smarter consumers, consultants can build a stronger brand and protect their customers interests. Truly, unicorns will fart rainbows and kittens and shellcode.
3 thoughts on “Upcoming Presentation”
I’d like to come and check out a meeting. When and where is the next one?
I’ll post the next meeting up in a couple days. Typically, it is the last Friday of the month give or take a week for scheduling conflicts. We’re targeting 2/24 or 3/2 for the next one, though.
I am using OSSEC for local noertwk security and i am finding it weary useful!I am aver that you have lots of questions about similar problems but i am left out of options so i need to ask you directly.I am building decoder and i am having problem with date format. Problem is in letter “t” in date format. so if you can advise me where to look or give me regex for this date format i would be greatly thankful.Thank you in advance.Gojko