Penetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm.
Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet thousands of orgs every year fall victim to these attacks. What's going on here? Why are we so bad at stopping the very thing we've been training against for so long?
This Interview with Phillip Wylie will provide some insight into this! Spoiler: a lot of the issues we had 10, even 15 years ago remain today.
Segment resources:
- Phillip's talk, Optimal Offensive Security Programs from Dia de los Hackers last fall
Show Notes: https://securityweekly.com/esw-398
Popular Podcasts
40s and Free Agents: NFL Draft Season
Daniel Jeremiah of Move the Sticks and Gregg Rosenthal of NFL Daily join forces to break down every team's needs this offseason.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Bobby Bones Show
Listen to 'The Bobby Bones Show' by downloading the daily full replay.