Prowling Better Penetration Testing
Offered By: YouTube
Course Description
Overview
Explore penetration testing techniques and best practices in this conference talk from Converge 2018. Delve into fundamental concepts such as castle-like security, constant monitoring, and encryption. Examine historical perspectives from RAND Corporation, James P Anderson, and Eric Lipton. Analyze data breach reports and learn about network segmentation, physical controls, and AppLocker. Discover the importance of passive network sniffing, audit controls, and data loss prevention. Investigate real-world scenarios, including a true story from the Michigan Security Community. Gain insights into identifying vulnerabilities, gaps, and design decisions in systems management. Enhance your prowling skills and improve your approach to penetration testing through this comprehensive exploration of security concepts and strategies.
Syllabus
Intro
Fundamentals
Castles
Constant Monitoring
RAND Corporation
James P Anderson
Eric Lipton
Encryption
Data Breach Report
Segmentation
Network Monitoring
Other Controls
Physical Controls
Does the Control Exist
The Michigan Security Community
A True Story
AppLocker
Safe Mode
Passive Network Sniffer
Can the control be circumvented
Bells on the string
Audit controls
Data loss prevention
Operationalized controls
Simple but complex
Find a vulnerability
Identify gaps
Anderson
Bonus Round
Design Decisions
Systems Management System
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube