Skip to content

Details

# Talk

Penetration testing intends to improve an organisation's security posture. However, such a potentially invasive process can often provide pentesters with significant or, in some cases, unprecedented access to an organisation's most sensitive systems. Without considering the results of their actions, or the behaviours of their tooling, pentesters can leave remnants of their privileged activities for real attackers to find, or even be detrimental to the overall security posture of the organisation by changing the state of play to benefit a real attacker. ​

This talk aims to address some of the key operational risks in the daily life of a penetration tester, provide guidance to penetration testers to reduce any potential negative impact towards their target network, and to accentuate the point that Twitter is not always a great source of real-world penetration testing techniques.

# Speaker: Troy Defty (@5ud0ch0p)

Having worked in the UK and Australian InfoSec industries for around a decade, and following 8 and a half years of penetration testing, Troy recently jumped the proverbial fence from red to blue, and is currently a Security Engineering Manager of an internal detection team. His interest and experience is in detection engineering, red teaming, threat modelling, and assessing ICS environments. Other interests include music, electronics, the outdoors, travel, rugby, CTF, and being bad at golf.

# Sponsors

Google (we are hiring! https://goo.gle/seceng-syd)
Amazon Information Security (https://j.mp/3eiTfEC)
SecDim (https://secdim.com)

# Notes

Related topics

Events in Sydney
Cybersecurity
Penetration Testing
Hacking
Information Security

You may also like