Prowling Better Penetration Testing

Explore penetration testing techniques and best practices in this conference talk from Converge 2018. Delve into fundamental concepts such as castle-like security, constant monitoring, and encryption. Examine historical perspectives from RAND Corporation, James P Anderson, and Eric Lipton. Analyze data breach reports and learn about network segmentation, physical controls, and AppLocker. Discover the importance of passive network sniffing, audit controls, and data loss prevention. Investigate real-world scenarios, including a true story from the Michigan Security Community. Gain insights into identifying vulnerabilities, gaps, and design decisions in systems management. Enhance your prowling skills and improve your approach to penetration testing through this comprehensive exploration of security concepts and strategies.

Intro
Fundamentals
Castles
Constant Monitoring
RAND Corporation
James P Anderson
Eric Lipton
Encryption
Data Breach Report
Segmentation
Network Monitoring
Other Controls
Physical Controls
Does the Control Exist
The Michigan Security Community
A True Story
AppLocker
Safe Mode
Passive Network Sniffer
Can the control be circumvented
Bells on the string
Audit controls
Data loss prevention
Operationalized controls
Simple but complex
Find a vulnerability
Identify gaps
Anderson
Bonus Round
Design Decisions
Systems Management System