How to Defend Against Penetration Testers And Win

Paul Asadoorian at BSides Boston 2017

Do you believe you have what it takes to secure a network against a penetration test? Attend this talk to find out how you can be successful against penetration tests and real-world attackers. Most penetration tests are too EASILY successful; let's work together to change this!

Many believe that breaking into a company’s network requires custom exploits, nation-state level backdoors, and super powers. In fact, most of the time it's about guessing passwords and exploiting very well-known (and fixable) conditions in your network.

This talk will guide you through securing your network the smart way, focused on closing those tried and true holes commonly exploited, but often left open by defenders. These include:

Addressing authentication and authorization across all systems and applications
Setting very carefully placed traps and alarms for the attackers
Looking at a specific behavior on your network to uncover unauthorized access

Don’t think this will be easy. It's not. Attackers have a clear advantage, and the defensive measures proposed require work more than products. It may require you to change things that impact culture and challenge notions such as “but, that’s the way we’ve always done it.” It's okay, we’ll coach you on some communications as well!

In the end, you’ll learn it's not about winning; it's about getting better. If you can learn from penetration testers, that knowledge is extremely valuable. However, this talk is going to tell you what most penetration testers have in common and how to fix your architecture, culture, and behavior, resulting in so much win.