Tag: red team
-
The Ian Amit Spectrum of Pentesting Efficacy
It’s been a while since I posted (duh), but recently I’ve had something brewing in my mind that appeared to not have been clearly discussed before, so here goes. I’ve been seeing some discussions and ambiguity around pentesting, vulnerability assessment, and red teaming (again – no huge shocker for those of us in the industry).…
-
ISTS12 Keynote and Red Team
I’ve had the pleasure and the honor to keynote this year’s ISTS (Information Security Talent Search) that ran at the Rochester Institute of Technology (RIT). Additionally I was also fortunate to get a seat with the Red Team during the event itself and work closely with some of my friends and colleagues. It has been…
-
Do as I say, not as I do. RSA, Bit9, Adobe, and others…
So you thought you had everything nailed down. You might have even gone past the “best practice” (which would have driven you to compliance, and your security to the gutter), and focused on protecting your assets by applying the right controls in a risk-focused way. You had your processes, technologies, and logs all figured out.…