This course teaches advanced scanning techniques by using a real-world scenario to demonstrate how these techniques help to solve problems in an example work environment. In this course you (or you and your team) will take on the role of a brand new security engineer for a financial company. You will be tasked with configuring and auditing a system to be used within your network environment. The system, and associated applications, make up the environment used to manage the business. Currently, the old systems are in place and an upgrade is planned. The current vulnerability scanning process takes over a week to complete and there is duplication of effort and a known false positive rate. Additionally, breaches have occurred on the network and your company is in jeopardy of being fined due to compliance violations. The vulnerability management process is missing vulnerabilities that were exploited by attackers. A sample system has been provided for you, that exactly mirrors what will be used in production, right down to the passwords and configuration.
Paul Asadoorian - Biography
Paul Asadoorian is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing, intrusion detection, and is the author of “WRT54G Ultimate Hacking”, a book dedicated to hacking Linksys routers.
More information on the course can be found here.
- Announcing BruCON Training #4: Assessing and Exploiting Web Applications with Samurai-WTF
- Announcing BruCON Training #3: Social engineering (for pentesters)