Sign up to save your podcasts
Or
Share DtR Episode 40 - Breakers, Builders, and the Enterprise
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DtR Episode 40 - Breakers, Builders, and the Enterprise
Send the hosts a message - try it now!
In this episode...
- Kevin, James and I discuss why penetration testing reports are often so worthless
- Kevin and I disagree. Then we agree, sort of.
- We discuss the major differences between the 'builder' and 'breaker' mindset, and whether they're actually different people
- Kevin gives some fantastic examples of how context and experience is critical in penetration testing
- We provide guidance no how someone can 'break into' (no pun intended) penetration testing and be effective
- Kevin gives an example of how someone can be a great penetration tester, but be of little value beyond that
- We wrap by disussing how enterprises can gain value from penetration testing- and Kevin provides an interesting strategy
Guest
- Kevin Johnson ( @SecureIdeas ) - Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub. Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
View all episodes
By Rafal (Wh1t3Rabbit) Los
4.3
9696 ratings
Send the hosts a message - try it now!
In this episode...
- Kevin, James and I discuss why penetration testing reports are often so worthless
- Kevin and I disagree. Then we agree, sort of.
- We discuss the major differences between the 'builder' and 'breaker' mindset, and whether they're actually different people
- Kevin gives some fantastic examples of how context and experience is critical in penetration testing
- We provide guidance no how someone can 'break into' (no pun intended) penetration testing and be effective
- Kevin gives an example of how someone can be a great penetration tester, but be of little value beyond that
- We wrap by disussing how enterprises can gain value from penetration testing- and Kevin provides an interesting strategy
Guest
- Kevin Johnson ( @SecureIdeas ) - Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub. Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
More shows like Down the Security Rabbithole Podcast (DtSR)
View all
Security Now (Audio)
1,966 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
367 Listeners
Hacked
179 Listeners
CyberWire Daily
1,015 Listeners
Smashing Security
314 Listeners
Click Here
392 Listeners
Darknet Diaries
7,853 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
117 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners