The Role of Pentesting and Continuous Validation | Dan DeCloss | WWHF 2023
Вставка
- Опубліковано 9 чер 2024
- 🔗 Join us in-person and virtually at our Wild West Hackin' Fest: information security conferences - wildwesthackinfest.com/
We all know that delivering the final pentest report isn’t the end of the road. It's really just the beginning - and it should be. Annual pentests are becoming a thing of the past in favor of strategies that involve shorter iterative cycles of testing, remediation, and validation. So where does pentesting fit into a continuous validation paradigm? This talk will overlay the pentesting and continuous validation life cycles to show how pentesters can deliver more value post engagement and set the stage for their organizations or clients to conduct more frequent, more productive pentests.
Dan DeCloss, the founder and CTO of PlexTrac, has over 17 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to the private sector where he worked for various companies including Telos, Veracode, Mayo Clinic, and Anthem. Dan’s background is in application security and penetration testing, involving hacking networks, websites, and mobile applications for clients. Prior to PlexTrac, Dan was the director of cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program.
Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications. Dan has a passion for helping everyone understand cybersecurity at a practical level, ensuring that focus is on the right work to reduce risk. Dan can be reached on LinkedIn at / ddecloss or on X (Twitter) @wh33lhouse
///Black Hills Infosec Socials
Twitter: / bhinfosecurity
Mastodon: infosec.exchange/@blackhillsi...
LinkedIn: / antisyphon-training
Discord: / discord
///Black Hills Infosec Shirts & Hoodies
spearphish-general-store.mysh...
///Black Hills Infosec Services
Active SOC: www.blackhillsinfosec.com/ser...
Penetration Testing: www.blackhillsinfosec.com/ser...
Incident Response: www.blackhillsinfosec.com/ser...
///Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: www.backdoorsandbreaches.com/
Play B&B Online: play.backdoorsandbreaches.com/
///Antisyphon Training
Pay What You Can: www.antisyphontraining.com/pa...
Live Training: www.antisyphontraining.com/co...
On Demand Training: www.antisyphontraining.com/on...
Antisyphon Discord: / discord
Antisyphon Mastodon: infosec.exchange/@Antisy_Trai...
///Educational Infosec Content
Black Hills Infosec Blogs: www.blackhillsinfosec.com/blog/
Wild West Hackin' Fest UA-cam: / wildwesthackinfest
Antisyphon Training UA-cam: / antisyphontraining
Active Countermeasures UA-cam: / activecountermeasures
Threat Hunter Community Discord: / discord
Join us at the annual information security conference in Deadwood, SD (in-person and virtually) - Wild West Hackin' Fest: wildwesthackinfest.com/
QA has different issues