Pen Testing, Part 1 w/ Dmitry Zagadsky – SCW #56

Security Weekly Productions Compliance, Dmitry Zagadsky, ethical hacker, ethical hacking, exploits, Hacked, hacker, hacking, incident response, Intrusion Detection, Jeff Man, Josh Marpet, Liam Downward, log analysis, logging, pci, penetration testing, Policy, privacy, ransomware, risk management, Scott Lyons, security services, SIEM, SOAR, Threat Hunting, threat intelligence, threats, vulnerabilities December 15, 2020

The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we’re going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching “PCI” context to this discussion. Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

Pen Testing, Part 1 w/ Dmitry Zagadsky

Dmitry’s Bsides Boston talk, “Don’t End Up With a Pencil: Tips for Shopping Pen Tests” – https://youtu.be/Wr4UxdUa2aI

Jeff’s talk, “Do We Still Need Pen Testing?” from CircleCityCon 2015 – https://youtu.be/R13Bo8l9M5M

NIST SP800-115, Technical Guide to Information Security Testing and Assessment” – https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf

The Penetration Testing Execution Standard (PTES) – http://www.pentest-standard.org/index.php/Main_Page

PCI Security Standards Council’s Penetration Testing Guidance https://www.pcisecuritystandards.org/documents/Penetration-Testing-Guidance-v1_1.pdf?agreement=true

Hosts

Guests

Announcements

In our final technical training of 2020, our friends from Vulcan Cyber will show you how to move beyond vulnerability scan, to vulnerability fix! Visit https://securityweekly.com/webcasts to register or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Pen Testing, Part 1 w/ Dmitry Zagadsky – SCW #56

Pen Testing, Part 1 w/ Dmitry Zagadsky

Hosts

Guests

Announcements

Related Posts