September 2018 - Breach and Attack Simulation

Tribe of Hackers Spotlight: David Kennedy

David Kennedy David Kennedy is the founder of TrustedSec, Binary Defense, and DerbyCon. TrustedSec and Binary Defense are focused on the betterment of the security industry from both a defensive and offensive perspective. He also serves on the board of directors for the (ISC)2 organization. Formerly, David was the CSO for Diebold Incorporated, where he

Continue Reading

Tribe of Hackers Spotlight: Lesley Carhart

Lesley Carhart Lesley Carhart (GCIH, GREM, GCFA, GPEN, B.S. Network Technologies, DePaul University) is an 18-year IT industry veteran, including nine years in information security (specifically, digital forensics and incident response). She speaks and writes about digital forensics and incident response, OSINT, and information security careers. She is highly involved in the Chicagoland information security

Continue Reading

Tribe of Hackers Spotlight: Jayson E. Street

  Jayson E. Street Jayson E. Street is a co-author of the Dissecting the Hack series. He is also the DEF CON Groups Global Ambassador and the VP of InfoSec for SphereNY. Jayson has spoken on a variety of information security subjects, including events at DEF CON, DerbyCon, GrrCon, and several other cons and colleges.

Continue Reading

Breach and Attack Simulation vs. Pen test

Breach and Attack Simulation (BAS) is growing in popularity within the cybersecurity space. While this simulation-centric approach is gaining ground, a large majority of cybersecurity professionals have yet to adopt the technology. This is largely due to the fact that most cybersecurity professionals primarily utilize penetration tests to validate the network security posture and controls. What is

Continue Reading

Tribe of Hackers Spotlight: Wendy Nather

  Wendy Nather Wendy Nather is a mild-mannered threat intelligence research director by day and a former Analyst and CISO in the public and private sectors. Warning: This interview may contain snark. Twitter: @wendynather Website: http://idoneous-security.blogspot.com/   Don’t know what the Tribe of Hackers is? Check it out here!   If there is one myth

Continue Reading

What is a Breach and Attack Simulation?

BAS — maybe you’ve heard of it. It’s gaining steam in cybersecurity now that the MITRE ATT&CK framework is being adopted by blue teams and red teams. We’ve talked to everyone from penetration testers to bank executives who are leveraging Breach and Attack Simulation (BAS) to influence their craft. Pentesters are using it to define

Continue Reading