Dude, You're Getting a Pentest!

Mike McCabe and Rinaldi Rampen present Dude, You're Getting a Pentest!

Having your applications assessed by a third party has become a requirement for most companies. Compliance, business partner requirements and industry best practices mean assessments must be done. For people going through the process the first time, it can be painful. Applications can be knocked over, databases filled with test data and errors galore. Preparing for and having an understanding what to expect from a penetration test (“pentest”) can make your developers and operations folks lives much less stressful. We will also cover how to make the most of your time and money before and after the assessment.

• Discussing why you would need a security assessment
• What to prepare to get the most of your assessment
• What to expect during the assessment
• How to get the most from the consulting engagement, tricks of the trade, etc
• Further resources to enhance your own internal assessment program

Mike McCabe has worked as a consultant and executive, helping build a consulting practice where he lead many companies through assessments. He has done assessments of hundreds of applications and managed many more. He’s a big fan of Ruby and works on the OWASP Railsgoat project. He’s currently working on a data exfiltration product.

Rinaldi Rampen has performed hundreds of security assessments to assist companies in uncovering and validating security risks and vulnerabilities. Most recently, he has successfully built and led Global Security Programs and security & IT teams for highly dynamic corporate environments.