Monday, May 3, 2010

Penetration Testing in the Real World

The crew over at Offensive Security has taken the time to produce and publish a 17 minute technical video describing a summarized version of an actual penetration test. While several mistakes were clearly made by the target network, none of the errors were unheard of, even in well-managed corporate environments.

This is probably one of the best examples of penetration testing that I have seen in quite a while. The story is told by "muts" from Offensive Security, which is a training and consultancy company that I highly respect.

Offensive Security's training offerings are high quality for a low price, and definitely something that I highly recommend to look into (Disclaimer: I hold the Offensive Security Certified Professional Certification).

While the course content may not be 100% state-of-the-art, the attacks and exploits in it are still highly applicable in many organizations. Furthermore, the way-of-thinking that is introduced by this class is unparalleled.

After viewing the video, I think you'll have a whole new perspective on these things.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.