Workshop Planning and Implementation of Penetration Tests
|Target Audience||Information Security Professionals
Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security
From Consultancies and Resellers/Integrators are only technical peoples allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.
|CPE Credits||Earn 6.75 CPE (Continuing Professional Education) for attending this SIGS Workshop. Please request a confirmation.|
|Location||Mövenpick Hotel Zurich-Regensdorf
Im Zentrum 2
|Date of Event||18th of May 2017|
|Special||The workshop will be held during the Hacking Day. You will have the possibility to hear the keynotes and you can visit the different vendors at their booth during the breaks.
|11:00 am – 5:35 pm||Workshop incl. joint lunch
|5:35 am – open end||Apéro Riche & Networking
Sebastian Schreiber will be onsite for Q&A
This vendor-independent workshop provides you:
An insecure IT environment may seriously endanger the operations or even the continued existence of companies. Small, insignificant errors often cause dangerous gaps in IT networks. The prerequisite for eliminating these errors is identification of the gaps.
Although IT infrastructures and applications may be robustly designed according to high-quality standards, they may still contain weaknesses.
In order to identify these weaknesses, a penetration test is ideally suited as a control instrument. Because this is the only way to effectively examine IT networks for security gaps both externally and internally. However, implementation of these simulated hacker attacks is anything but easy and will be discussed during the workshop.
- Why penetration tests?
- Subject of the tests (perimeter, LAN, WLAN, web application, web services, clients, iOS, Android, special tests)
- Penetration tests in the light of the new IT Security Act
- Organizational possibilities
- One-off or as a process?
- Black box test or white box test?
- Test to be performed by an external expert or internally? Careful selection of the service provider
- Aggressive or cautious procedure?
- Attacker models and attack scenarios
- Procedure; internal and external communication regarding tests
- Cost-benefit ratio, budget optimization
- Project management
- Metrics and standards
- Latest trends, future penetration tests
- Legal and ethical aspects
- Following up vulnerabilities
- Multi-period test plans
- Penetration tests as an internal audit tool
- Planning and implementation of penetration tests in group structures
- 10 practical tips by Sebastian Schreiber
Workshop Participant Fee
Fr. 449.— (including workshop material, lunch, beverages and apéro riche afterwards)
Special: money back guarantee if you are not really satisfied with this workshop
Cancellations of registration are free of charge until 30 days before. Cancellations received beyond this point will incur 100% of the admission fee. You will get an invoice for the respective amount. In any case, however, a delegate may be sent at no additional costs.