Future Red Team Rants - Recording Available
I recorded this three-part series, Future Red Team Rants, last Wednesday in case you missed it. It's on YouTube.
Hello all,
It has been a while since we have talked about definitions and terms of things. Nothing packs people in like definitions and terms.
Years ago, in the early PCI compliance days, there were a number of tools that were proclaimed to be "automated pentesting tools."
It got so bad, that PCI had to clearly define that a penetration test is not the same as an automated scan. The clarification was a bummer for some people that were simply looking for checkboxes in spreadsheets.
History may not repeat, but it rhymes.
Badly.
We are at that point again.
This won't be me simply ranting for an hour.
In all honesty, it will be mostly that.
However, there are some really good things on the horizon. Things like continuous testing and automation of easy vulns. I will be talking about those too.
So, it is not all ranty.
Baby steps.
Thanks,
John Strand
BONUS: We have a BHIS webcast coming up this Thursday -- Things NOT to Do in Pentest Reports: Tips, Tricks, and Traps in Report Writing. w/ Bronwen Aker
Register: https://zoom.us/webinar/register/4116746676734/WN_yKapi7ElTr20RSZUiQzbcg
Information Security | CISSP, GIACx5
2 年AKA "Grumpy Old Security Dudes"?
Realtor Associate @ Next Trend Realty LLC | HAR REALTOR, IRS Tax Preparer
2 年Thanks for the updates on, The BHIS Infosec Newsletter.
Senior Solutions Engineer
2 年Me clicking on this because I thought it said "Red Team Pants"