Reconnaissance can be the most valuable part of a penetration test, especially when done right. There is so much to uncover, and often we can determine the success of an engagement by just stalking the target enough.
Web applications have quickly become the most widely available and deployed technology represented on the Internet, however some argue it is boring and it’s a lot of following checklists. We will see how we can work methodologies that ensures the discovery of interesting vulnerabilities, engages team efforts and generates higher value test outcomes!
Presentation will be held by Chris Dale. Chris is an IT enthusiast who had childhood dreams of becoming a hacker, Chris Dale’s path to a career in information security was set after his older brother hacked him. Today Chris uses his hacker skills to demonstrate risk via Offensive Services and Incident Response.
Chris began his career in 2009 working for a large Norwegian ISP, doing development and IT operations. “I really learned about how all things interconnect and work,” he says. Since then he’s worked for multiple companies in important roles, and his last job was the head of cyber security at a 60 man Cyber Security consulting firm. Here he managed several teams, including pen testing and incident response. In 2020, Chris founded his own company, River Security, specializing in offensive services, attack surface management and cyber consulting.
Chris is a certified instructor for SANS and a SANS Analyst, Chris teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses, and is co-author of SEC550: Cyber Deception - Attack Detection, Disruption and Active Defense.”
If you wonder if your web app is secure, think again! You should not miss this session if you want to secure your web apps!