Published on October 30th, 2011 📆 | 1644 Views ⚑
0DEFCON 19: Are You In Yet? The CISO's View of Pentesting
https://www.ispeech.org
Speaker: Shrdlu
When a CISO pays good money for a thorough pentesting, she wants results. Not necessarily the ones that the pentester had in mind, either. Whether the time allotted is too short, the pentester has to achieve multiple objectives, or they disagree on the severity of the findings, both the CISO and the pentester have to agree on both sides of the engagement. We discuss numerous aspects of voluntary pwnage: the differences between a security assessment and a penetration test, what color of box works best, tweaking the objectives for more targeted results, and ensuring a happy ending.
For more information visit: http://bit.ly/defcon19_information
To download the video visit: http://bit.ly/defcon19_videos
Playlist Defcon 19: http://bit.ly/defcon19_playlist
2011-10-30 20:56:59
source
Gloss