SlideShare une entreprise Scribd logo

How Ethical Hacking is Healthy for Business

Télécharger en tant que PPTX, PDF
SecurityMetrics
SecurityMetrics

The easiest and most accurate way to discover if a business is protected enough to withstand a hack is to test it through the eyes of an (ethical) hacker. Ethical hackers, or penetration testers, act as computer detectives who manually examine a business environment for exploitable weaknesses. This presentation will discuss the importance of ensuring a business network receives the security check-ups it requires to maintain a healthy security posture.

Technologie
1  sur  23
Ethical Hacking is Healthy for Business
Is your company prepared for a situation like this?
If you had your website, networks, and servers ethically hacked, you probably wouldn’t be in this situation.
Let’s talk about hackers
There are 2 types of hackers. Malicious Ethical
Malicious hackers look to exploit weaknesses in a computer or network to steal company or customer information.
Ethical hackers are hired by a company to find weaknesses in that company’s environment. Ethical hackers are also called penetration testers.
The point? Find the weaknesses malicious hackers would use to gain access to company data, and help companies fix the problem!
Ethical hackers simulate real scenarios. For example: – Hackers that want to steal credit card information – Unethical competitors looking for company secrets – Disgruntled employees who want to deface a company website
What kind of tests do they conduct? • • • • • Internal/external testing Web application testing Remote access testing Wireless testing Social engineering
After testing, penetration testers provide: – Report on all vulnerabilities – Assistance to fix the found vulnerabilities
Why get a penetration test? Here are 6 reasons.
1 It’s required (PCI DSS requirement 11.3)
2 To test your products or website for security failures Did you know more than 79% of data breach victims possess an easily exploitable weakness? -Verizon
3 To properly allocate security funds
To test incident response and security awareness of staff 4
5 So you don’t end up on the front page
Because hackers become more sophisticated in the ways they steal data. 6 They adapt as fast as technologies improve.
Most breaches are preventable.
Why can hackers get in so easily? • Favoring functionality over security • Insecure software development • Incorrect configuration • Lack of staff security education • Gaps in accountability
3 Best Practices Implement secure controls and conduct security awareness training Implement a strict policy for code development & testing Get ethically hacked!
Need to be ethically hacked? audits@securitymetrics.com 801.705.5656

Recommandé

Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingWon Ju Jub
 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
 

Recommandé

Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingWon Ju Jub
 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by primePrime Infoserv
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTshiriskumar
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases Nasir Bhutta
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesAkshay Kurhade
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Network Intelligence India
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing ServicesCyber 51 LLC
 
Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016rajeshnikam
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and toolsVikram Khanna
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Lastline, Inc.
 
Zombie king
Zombie kingZombie king
Zombie kingkru1021
 
The Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack StatisticsThe Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack StatisticsState of the Internet
 

Contenu connexe

Tendances

Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by primePrime Infoserv
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTshiriskumar
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases Nasir Bhutta
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesAkshay Kurhade
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing ServicesCyber 51 LLC
 
Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016rajeshnikam
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and toolsVikram Khanna
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Lastline, Inc.
 

Tendances (20)

Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration Testing
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by prime
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPT
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) services
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration Testing
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodology
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability Assessment
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTING
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing Services
 
Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and tools
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless network
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
 

En vedette

Zombie king
Zombie kingZombie king
Zombie kingkru1021
 
The Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack StatisticsThe Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack StatisticsState of the Internet
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
CNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewCNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewSam Bowne
 
Zombie Survival Gudie
Zombie Survival GudieZombie Survival Gudie
Zombie Survival Gudieichthyoid
 
Signs of a zombie computer!
Signs of a zombie computer!Signs of a zombie computer!
Signs of a zombie computer!kanika sharma
 
CITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingCITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingPrathan Phongthiproek
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 

En vedette (8)

Zombie king
Zombie kingZombie king
Zombie king
 
The Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack StatisticsThe Battle Against DDoS | DDoS Attack Statistics
The Battle Against DDoS | DDoS Attack Statistics
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
CNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewCNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking Overview
 
Zombie Survival Gudie
Zombie Survival GudieZombie Survival Gudie
Zombie Survival Gudie
 
Signs of a zombie computer!
Signs of a zombie computer!Signs of a zombie computer!
Signs of a zombie computer!
 
CITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google HackingCITEC #CON2-Dirty Attack with Google Hacking
CITEC #CON2-Dirty Attack with Google Hacking
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 

Similaire à How Ethical Hacking is Healthy for Business

Ethical hacking concept-Part 1
Ethical hacking concept-Part 1Ethical hacking concept-Part 1
Ethical hacking concept-Part 1Saurabh Upadhyay
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfShivamSharma909
 
What is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdfWhat is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdfJawaidAbdulHameed
 
The Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftThe Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftCase IQ
 
Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01rajkumar jonuboyena
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxvamshimatangi
 
Ethical Hacking .pptx
Ethical Hacking .pptxEthical Hacking .pptx
Ethical Hacking .pptxjohnnymaaza
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisNorth Texas Chapter of the ISSA
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingBugRaptors
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber securityankit gandharkar
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
Learn Why to Hire Certified Ethical Hackers USA.pptx
Learn Why to Hire Certified Ethical Hackers USA.pptxLearn Why to Hire Certified Ethical Hackers USA.pptx
Learn Why to Hire Certified Ethical Hackers USA.pptxTekkis
 
Cyber Security vs.pdf
Cyber Security vs.pdfCyber Security vs.pdf
Cyber Security vs.pdfMing Man Chan
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackamrutharam
 

Similaire à How Ethical Hacking is Healthy for Business (20)

Ethical hacking concept-Part 1
Ethical hacking concept-Part 1Ethical hacking concept-Part 1
Ethical hacking concept-Part 1
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
 
What is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdfWhat is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdf
 
CYBER51-FYLER
CYBER51-FYLERCYBER51-FYLER
CYBER51-FYLER
 
The Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data TheftThe Inside Job: Detecting, Preventing and Investigating Data Theft
The Inside Job: Detecting, Preventing and Investigating Data Theft
 
Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
 
Ethical Hacking .pptx
Ethical Hacking .pptxEthical Hacking .pptx
Ethical Hacking .pptx
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber security
 
Ethichack 2012
Ethichack 2012Ethichack 2012
Ethichack 2012
 
Network Penetration Testing Service
Network Penetration Testing ServiceNetwork Penetration Testing Service
Network Penetration Testing Service
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Learn Why to Hire Certified Ethical Hackers USA.pptx
Learn Why to Hire Certified Ethical Hackers USA.pptxLearn Why to Hire Certified Ethical Hackers USA.pptx
Learn Why to Hire Certified Ethical Hackers USA.pptx
 
Cyber Security vs.pdf
Cyber Security vs.pdfCyber Security vs.pdf
Cyber Security vs.pdf
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 

Plus de SecurityMetrics

Understanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementUnderstanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementSecurityMetrics
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach SecurityMetrics
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical DevicesSecurityMetrics
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditSecurityMetrics
 
Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101SecurityMetrics
 
Securing Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecuring Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecurityMetrics
 
HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? SecurityMetrics
 
The 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisThe 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisSecurityMetrics
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA AuditSecurityMetrics
 
Don't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesDon't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesSecurityMetrics
 
What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? SecurityMetrics
 
5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach5 Steps to Manage a Data Breach
5 Steps to Manage a Data BreachSecurityMetrics
 
Auditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeAuditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeSecurityMetrics
 
Auditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptAuditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptSecurityMetrics
 
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkAuditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkSecurityMetrics
 
The Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationThe Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationSecurityMetrics
 
The Case of the Mistaken Malware
The Case of the Mistaken MalwareThe Case of the Mistaken Malware
The Case of the Mistaken MalwareSecurityMetrics
 
The Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsThe Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsSecurityMetrics
 

Plus de SecurityMetrics (20)

Hipaa Reality Check
Hipaa Reality CheckHipaa Reality Check
Hipaa Reality Check
 
Understanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementUnderstanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping Supplement
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical Devices
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS Audit
 
Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101
 
Securing Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecuring Your Remote Access Desktop Connection
Securing Your Remote Access Desktop Connection
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
 
HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored?
 
The 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisThe 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk Analysis
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit
 
Don't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesDon't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your Empolyees
 
What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards?
 
5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach
 
Auditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeAuditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing Franchisee
 
Auditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptAuditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java Script
 
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkAuditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
 
The Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationThe Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless Investigation
 
The Case of the Mistaken Malware
The Case of the Mistaken MalwareThe Case of the Mistaken Malware
The Case of the Mistaken Malware
 
The Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsThe Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit Cards
 

Dernier

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 

Dernier (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 

How Ethical Hacking is Healthy for Business

  • 2. Is your company prepared for a situation like this?
  • 3.
  • 4. If you had your website, networks, and servers ethically hacked, you probably wouldn’t be in this situation.
  • 6. There are 2 types of hackers. Malicious Ethical
  • 7. Malicious hackers look to exploit weaknesses in a computer or network to steal company or customer information.
  • 8. Ethical hackers are hired by a company to find weaknesses in that company’s environment. Ethical hackers are also called penetration testers.
  • 9. The point? Find the weaknesses malicious hackers would use to gain access to company data, and help companies fix the problem!
  • 10. Ethical hackers simulate real scenarios. For example: – Hackers that want to steal credit card information – Unethical competitors looking for company secrets – Disgruntled employees who want to deface a company website
  • 11. What kind of tests do they conduct? • • • • • Internal/external testing Web application testing Remote access testing Wireless testing Social engineering
  • 12. After testing, penetration testers provide: – Report on all vulnerabilities – Assistance to fix the found vulnerabilities
  • 13. Why get a penetration test? Here are 6 reasons.
  • 14. 1 It’s required (PCI DSS requirement 11.3)
  • 15. 2 To test your products or website for security failures Did you know more than 79% of data breach victims possess an easily exploitable weakness? -Verizon
  • 16. 3 To properly allocate security funds
  • 17. To test incident response and security awareness of staff 4
  • 18. 5 So you don’t end up on the front page
  • 19. Because hackers become more sophisticated in the ways they steal data. 6 They adapt as fast as technologies improve.
  • 20. Most breaches are preventable.
  • 21. Why can hackers get in so easily? • Favoring functionality over security • Insecure software development • Incorrect configuration • Lack of staff security education • Gaps in accountability
  • 22. 3 Best Practices Implement secure controls and conduct security awareness training Implement a strict policy for code development & testing Get ethically hacked!
  • 23. Need to be ethically hacked? audits@securitymetrics.com 801.705.5656

Notes de l'éditeur

  1. Emphasize that I am using the terminology outside of their technical definitions. These terms are commonly used in the media and well-known to the public at large.
  2. I can’t speak for all penetration testing departments, but I know what SM gives you.
  3. Vulnerability scans locate potential vulns, pen testers shows tells you what an exploitable vuln is (a REAL weakness)
  4. In the past 10 months, what newsworthy businesses have been hacked that could have prevented their hack with a pen test?Similar risks to what a pen test can find and exploit.