Presented at
Wild West Hackin' Fest 2017,
Oct. 27, 2017, 9:50 a.m.
(45 minutes).
How many different types of pentest / “red team assessments” / “adversarial assessments” are there? EVERYONE pitches, sells, and performs them differently. How is a company supposed to gauge effectiveness of a program of these tests? In this talk, I will not only be talking through my list of tests, but open sourcing all of the documents to support it right here at WWHF 2017. I hope that we might start to standardize penetration tests, even if it’s at a broad level. As well as give new firms and pentest 1099s a framework to start with. Want to get a sneak peak, game for providing feedback? DM me on Twitter for the link to the docs. Have a question before or during the talk? Go to [slido.com](http://slido.com/) and join #OSPT starting Oct 24.
Presenters:
-
Rob Fuller / mubix
as Rob Fuller
Rob has over 11 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks - as well as performing penetration tests and Red Team assessments against those same networks. More recently, Rob has performed numerous successful Red Team assessments against commercial Fortune 50 companies representing some of the best defensive teams in the industry.
Rob’s experience and expertise ranges from embedded and wireless devices in industrial control system networks to standard corporate IT infrastructures and domains. He is a frequent speaker at a number of well-known security conferences, including ShmooCon, DefCon, DerbyCon, CarolinaCon, Area41, RVASec, and HackCon; and teaches both the Metasploit Basics and Mastery classes at BlackHat USA. He has also served as a technical advisor for HBO’s show Silicon Valley and hosts his own show called “Metasploit Minute” for Hak5 (Discovery Channel).
Rob has acquired a number of certifications and awards over the years, but the ones he holds above the rest are father, husband, and United States Marine.
Links:
Similar Presentations: