02. x33fcon 2018 – Open Source Pentesting by mubix
iSpeech
How many different types of pentest / "red team assessments" / "adversarial assessments" are there? EVERYONE pitches, sells, and performs them differently. How is a company supposed to gauge effectiveness of a program of these tests? In this talk, I will be talking through the different scenarios, how they are performed and who they are most effective for. I hope that we might start to standardize penetration tests, even if it's at a broad level. As well as give new firms and pentest 1099s a framework to start with.
----
The idea behind x33fcon (pronounced /'zi:f-kɒn/) is to focus on a very specific need of the security industry: collaboration between blue and red teams (sometimes referred to as purple teaming) It is an event that brings both groups together, and everyone from both sides of the fence are invited to gather, share ideas and discuss thoughts on security.
source
Gloss