11:30 am - 12:00 pm - Registration Open
- Sign in and grab some RedLegg swag! Meet some of your neighbors before we get started.
12:00 pm - 1:00 pm - Kick-off & Lunch
- We’ll also serve lunch to fuel you up for a content heavy afternoon.
1:00 pm - 4:00 pm - Sessions
- What Pen Testing Is(n’t) – Many companies who buy a pen test don’t have a testing goal. Learn the differences between Vulnerability Assessment and Pen Testing, and reflect on your own company’s cybersecurity and coverage needs to have an accurate view of the state of your security posture.
- Pen Testing Basics – While pen testing has many heads, basic commonalities exist across the testing disciplines. From discovering targets to threat modeling, we’ll walk you through the mind of an expert pen tester and what you can expect to happen when testing your own company’s cybersecurity.
- Getting The Most Out of Your Testing – Building a comprehensive security program is a marathon, not a sprint. Pen test reports can be overwhelming, not just because of the amount of data but also the sense of responsibility. Learn how to effectively, and calmly, leverage your test results and maximize your deliverable to build a better security program.
- Scoping Pitfalls – Proper scoping requires a proper mindset. Learn what to look for while scoping, how to prepare for a scope with a third party tester, what kind of reporting is available, and how to avoid that scope creep.
- Threat Modeling – RedLegg has encountered many challenges in conducting pen tests and we have some examples to share about network systems, web apps, physical, and social pen testing. Learn those challenges, solutions, and common defenses your company can use to improve your security posture, and also learn how attackers may get around those defenses.
- Network Pen Testing: Deep Dive – Unlike most of us, pen testing has many heads. Get an overview of the pen testing world and the different areas of testing available to better your security posture and to help you discover security gaps that may be putting your company at risk.
- Careful With That Axe, Eugene – Self-testing should be part of a standard cybersecurity operations, but it’s not the only testing a security team should conduct. Uncover the potential gotchas of self-testing and what can bring more weight to your pen tests.
4:00 pm - 4:30 pm - Workshop Wrap-Up
- Say it isn't so! We'll close out the day with some final thoughts, but if you want to stick around, we're happy to help answer any questions.
4:30 pm - 6:30 pm - Happy Hour (Optional)
- Join the RedLegg team to unwind and close the day out!