Paul's Security Weekly Subscribe

The State Of Penetration Testing Panel – PSW #677

December 10, 2020

Join us for a lively discussion surrounding the topic of penetration testing. Sure, we've called out differences between vulnerability scanning and penetration testing. Moving past this particular issue, we'll explore how to effectively use penetration testing in your environments.

This segment is sponsored by Core Security, A Help Systems Company.

Visit https://securityweekly.com/coresecurity to learn more about them!

Sponsored By

Full episode and show notes

Guests

Faculty at IANS Research, President at SANS Technology Institute, and Founder of Counter Hack

Ed Skoudis is a Faculty member at IANS Research and the founder of Counter Hack, a company focused on conducting ultra high-quality penetration tests and red team engagements to help organizations better manage their cyber risks. Ed is a SANS Fellow, author, and instructor who has trained over 20,000 cyber security professionals in the art of penetration testing and incident response. Ed is an expert witness who is often called in to analyze large-scale breaches.

Director, Malware Threat Research at Qualys

http://qualys.com/

Travis is the Director of Malware Threat Research at Qualys. He has spent the past 15 years in the security industry with a focus on digital forensics and incident response. He holds a wide array of certifications ranging from GIAC Certified Penetration Tester to the CISSP, as well as an MBA with a concentration in information security. Travis has presented his research at conferences worldwide at venues such as BlackHat, RSA, and SecTor.

Security Consulting Services, Director at Core Security, a HelpSystems Company

http://helpsystems.com/

Diego Sor is the Director of Security Consulting Services at Core Security. With more than 20 years of experience in the security industry, first as a software developer and then as security consultant, Diego is passionate about new testing strategies, methodologies, and offensive security research. His primary focus and expertise is delivering infrastructure and application security penetration tests.

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Professor at Roger Williams University

https://securedigitallife.com/

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Vice president of services at Finite State

@haxorthematrix

https://www.finitestate.io/

https://breakstuffforfun.com/

Retired Senior Cyber Advisor at Lawrence Livermore National Laboratory

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

http://darkelement.io/

Related

Smart Cybersecurity Spending, as CISOs Architect Resilience and Grade Themselves – BSW #387

March 19, 2025

In the leadership and communications segment, Smart cybersecurity spending and how CISOs can invest where it matters, Grading CISOs: Effective Metrics and Personal Growth Strategies, The Pandemic Proved that Remote Leadership Works, and more!

Breaking Down Human-Element Breaches To Improve Cybersecurity – Jinan Budge – BSW #387

March 19, 2025

Organizations continue to suffer from security breaches, too many of which contain a human element. But there’s no consistent definition of the risk posed by human-related breaches, and recommendations are often limited to security awareness and training (SA&T). Understanding the depth and breadth of human-related breaches is critical to implem...

Vulnerability Management

Angry Iguana, Squid Bot, Bruted, 0Auth, Dragon Medical, Clippy 2.0, CISA, Josh Marpet – SWN #460

March 18, 2025

Angry Iguana, Squid Bot 9000, Bruted, 0Auth, Dragon Medical One, Clippy 2.0, CISA, Josh Marpet, and more on the Security Weekly News.