Abstract: Every year the pen testers (or bad guys) come in, they find that one missing 08_067 or default tomcat password and own the network. This talk was inspired by the frustration of constantly running into the same exact issues on penetration tests, and the huge challenge IT has in securing their network. This talk will go over the top security failures we find and more importantly easy things blue teams can do to get rid of the low hanging fruit and make your pen testers work hard to escalate privileges. This will not simply highlight vulnerability scans results, but things we see vulnerability scanners consistently miss. Things from network traffic manipulation (network protocols and client side services) and go over automated ways you can easily find those bad passwords, exploitable machines, default tomcats, SQL issues, reused local admin, and more, with some quick tricks to mitigate the problems that have plagued our industry for years. There is no blinky box involved; this talk is all about things security engineers can do quickly without breaking the budget, but still having a real impact on network security. Author Bio: Matt Kelly is a senior consultant with EY’s Advanced Security Center focused on attack and penetration. Previously Matt was a security consult for Crowe Horwath. His primary focus is in penetration testing ranging from network, web application, physical security and wireless assessments. Matt recently moved to Houston from Chicago and hasn’t stopped sweating since. Also – boilerup!
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek