Horizon3.ai Europe GmbH
Forums it-sa Expo Knowledge Forum A

Go Hack Yourself – Stories from 70,000 pentests

The presentation emphasizes the critical need for continuous security testing.

Thu, 24.10.2024, 10:00 - 10:15

On site

Forum, Booth 6-215


Themes

  • Awareness / Phishing / Fraud
  • Cloud Security
  • Data protection / GDPR
  • Data security / DLP / Know-how protection
  • Governance, Risk Management and Compliance
  • Network Security / Patch Management
  • Trend topic

Key Facts

  • Attackers don't hack in, they log in
  • Credentials are the everyday zero-day
  • Peacetime versus Wartime Security Mindset

Event

This action is part of the event Forums it-sa Expo

Action description

Assessing Security Effectiveness: Asks whether organizations are fixing the right vulnerabilities, logging the right data, and configuring their tools correctly. It emphasizes that time is a critical factor in addressing vulnerabilities, with mass exploitation often occurring within seven days of disclosure.

Cognitive Biases in Cybersecurity: Highlights biases such as confirmation bias and anchoring bias, which affect how security teams assess potential threats.

Attack Techniques: Lists the top techniques used by attackers, such as brute-forcing weak credentials, exploiting misconfigurations, and lateral movement across poorly segmented networks. It downplays the role of CVEs as the primary attack surface.

Adaptation of Attackers: Attackers use techniques beyond vulnerabilities, including exploiting misconfigurations, misusing credentials, and lateral movement across networks. Vulnerability scanners are limited in detecting these issues.

Case Studies: Includes real-world stories demonstrating common security failures.

Challenges in Security Testing: The pentesting industry faces a shortage of certified testers, and the increasing complexity of infrastructures makes retesting and continuous verification difficult.

Solution Approaches: Recommendations include continuous verification of security posture, ensuring regular testing, and rapidly fixing vulnerabilities before attackers can exploit them.

Automation and AI: AI lowers the barriers to entry for attackers, enabling rapid and scalable exploitation across multiple hosts.

Final Takeaway: Security must be continuously tested, and organizations should focus on reducing the exploitable attack surface through proactive measures such as improved monitoring, segmentation, and tool configuration.

The presentation underscores the need for a "wartime mindset," in which organizations continuously challenge their security assumptions, verify their defenses, and respond swiftly to emerging threats.

Language: German

Questions and Answers: No
