SecurityMetrics Podcast | 10
Penetration Testing: The Humanity Behind the Hacking
Paul Poh (CISSP, CISM, CRISC, CIPP/US) has had an interest in cybersecurity since before the internet as we know it existed. From his first exposure to the “Morris Worm” in the early ‘90s as a software engineer at Tufts University, to his current role as Partner at Radical Security, Paul’s mixture of curiosity and wisdom have helped him maintain the perspective needed to be a successful penetration tester. He shares his insights with our Host Jen Stone (Principal Security Analyst, CISSP, CISA, QSA) on why it’s the small things that can take down an organization’s security.
“Your Software Development, Engineering, and DevOps can all be great. But a malicious actor can still break a password, attack your source code, and insert a backdoor that would then be pushed into production. You can do a great job protecting production, but if a hacker can find something small, they will.”
Listen in to learn:
Case studies that compare typical security measures to actual threats and vulnerabilities
Penetration testing requirements, preparation, tips, timing, timeline, and best practices
Tips for choosing a penetration testing firm and the surprising qualities that make for a good pentester
Download our Guide to PCI Compliance! - https://info.securitymetrics.com/pci-guide-2020
Download our Guide to HIPAA Compliance! - https://info.securitymetrics.com/hipaa-guide-2020
This podcast is available on all your favorite podcast platforms, such as:
[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.