Assumed Breach: A Better Model for Penetration Testing

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 7, 2019, noon (45 minutes)

The current model for penetration testing is broken. The typical scan and exploit model doesn’t reflect how real attackers operate after establishing a foothold. At the same time, most organizations aren’t mature enough to need a proper red team assessment. It’s time to start adopting the assumed breach model. In this talk, I’ll discuss techniques for assumed breach assessments that provide a better model for emulating the techniques attackers use once they’re they’ve established a foothold inside a typical network.

Presenters:

• Mike Saunders
  Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike been performing penetration tests for nearly a decade. Mike is an experienced speaker and has spoken at DerbyCon, BSides MSP, BSides Winnipeg / The Long Con, BSides KC, WWHF, and the NDSU Cyber Security Conference. He has participated multiple times as a member of NCCCDC Red Team.

Links:

• https://infocon.org/cons/DerbyCon/DerbyCon 9 2019/Assumed Breach A Better Model for Penetration Testing Mike Saunders.mp4
• https://infocon.org/cons/DerbyCon/DerbyCon 9 2019/Assumed Breach A Better Model for Penetration Testing Mike Saunders.eng.srt (subtitles)
• https://www.youtube.com/watch?v=PzTbOZ7f5WE

Similar Presentations:

• Wild West Hackin' Fest 2019 / Assumed Breach: A Better Model For Penetration Testing
• GrrCON 2014 / Breach Stains