Paul’s Security Weekly (Audio)
Technology
Every penetration test should have specific goals. Coverage of the MITRE ATT&CK framework or the OWASP Top Ten is great, but what other value can a pentest provide by shifting your mindset further left or with a more strategic approach? How often do you focus on the overall ROI of your penetration testing program? This talk will explore what it means to “shift left” with your penetration testing by working on a threat informed test plan. Using a threat informed test plan will provide more value from your pentesting program and gain efficiency in your security testing pipeline. This talk applies to both consultants and internal security teams.
Segment Resources:
Hack Your Pentesting Routine WP: https://plextrac.com/resources/white-papers/hack-your-pentesting-routine/
Effective Purple Teaming WP: https://plextrac.com/effective-purple-teaming/
This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them!
In the Security News: submerged under blankets in a popcorn tin is where they found it, Indirect Branch Tracking, don't hack me bro, we're here from the government to scan your systems, Fizzling out security, static and dynamic analysis for the win, BYODC, Bring your own domain controller, application context matters, if you want an update better have an Intel CPU, one-time programs, urlscan is leaking, hacking load balancers, and its all about the company you keep.
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/psw763
Pen Testing As A Service - Seemant Sehgal - PSW #830
The Impacts Of Cryptocurrency - Nicholas Weaver - PSW #829
Corporate Ransomware Deep Dive - Jeremiah Grossman, Mikko Hypponen - PSW #828
Kicking Off With Crypto - PSW #827
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826
PCI 4.0 - Winn Schwartau - PSW #825
Digging Into Supply Chain Security - James McMurry - PSW #824
XZ - Backdoors and The Fragile Supply Chain - PSW #823
Are we winning? - Jason Healey - PSW #822
Securing All The Things - Josh Corman - PSW #821
Memory Safety, Re-Writing Software, and OSS Supply Chains - Omkhar Arasaratnam - PSW #820
Facing the Reality of Risk Prioritization - Bianca Lewis (BiaSciLab), Dan DeCloss - PSW #819
Social Engineering: AI & Living Off The Land - Jayson E. Street - PSW #818
Illuminating Cybersecurity Wisdom: Insights from a Thought Leader - Wendy Nather - PSW Vault
Physical Security and Social Engineering - Hacker Heroes: Toby Miller - PSW #817
You Can’t Defend What You Can’t Define - Sergey Bratus - PSW #816
Identifying Bad By Defining Good - Danny Jenkins - PSW #815
What Smart CISOs and Mature Orgs Get That Others Don’t About Cyber Compliance - Matt Coose - PSW #814
K-12 Cybersecurity - Brian Stephens - PSW #813
The Evolution of Purple Teaming - Jared Atkinson - PSW #812
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired