Beyond Automated Testing

Presented at BSidesDC 2016, Oct. 22, 2016, 2:30 p.m. (50 minutes).

Have you ever run a vulnerability scan and thought “Okay… now what?” This talk is all about how to go beyond automated testing to find vulnerabilities that scanners miss. The goal of the talk is to help inspire others to reach beyond Nessus and Burp Suite scans to help their organization identify vulnerabilities that expose high impact risk.


Presenters:

  • Zachary Meyers - Offensive Security Engineer at BreakPoint Labs
    Zack Meyers is a business oriented guy that then became a motivated InfoSec geek after getting started as a continuous monitoring vulnerability analyst. Shortly after, he took an interest in the offensive side of security work and currently works as an Offensive Security Engineer at BreakPoint Labs. Today he is always looking to learn about new techniques and tools that can help him identify his next big vulnerability finding. He is currently a member of Primal Security Blog | Podcast and holds several security certifications including OSCP, CISSP, GWAPT, GPEN, GCIH, etc.
  • Andrew McNicol - CTO at BreakPoint Labs
    Andrew McNicol is driven by his passion for helping organizations identify exploitable vulnerabilities before an adversary. He is currently the CTO at BreakPoint Labs specializing in offensive security services, mentor for SANS, and one of the founders and lead authors of Primal Security. Previously, he lead a penetration testing team and worked on an incident response team focusing on malware analysis and network forensics for DoD, Law Enforcement, and Commercial companies. Andrew holds an M.S. in Information Assurance, and variety of InfoSec qualifications (OSCE, OSCP, OSWP, GICSP, GCFA, GCIA, GCIH, GPEN, GREM, GSEC, GWAPT, GWEB, CISSP, CEH, etc.)

Links:

Similar Presentations: