Date & Time
Wednesday, October 17, 2018, 10:15 AM - 11:45 AM
Category
Professional Techniques
Description

Penetration testing cloud-based applications has many special considerations to get the best results. This detailed presentation will help organizations leveraging the cloud understand these nuances to reduce cloud application or business risk.

Coalfire completes 1,500+ penetration tests per year, and as the leading FedRAMP 3PAO, has unique expertise in conducting penetration testing for IaaS, PaaS, and SaaS providers needing to meet the federal cloud security program requirements. This rpesentation will be supplemented with proprietary data analysis from aggregated penetration tests.

This presentation will provide attendees insights on:

• Working with your CSP (IaaS, PaaS, and SaaS) for approvals to conduct testing

• Learning what a CSP tests as part of their security obligations (and what they don’t!)

• How to leverage third-party reports for your penetration testing

• The unique attack vectors within each cloud deployment model

• Best practices for defining a penetration testing plan for services in scope, internal/external, black/gray/white box testing

• Pros/cons of automating application penetration testing

• The benefits of penetration testing beyond compliance requirements

Speaker(s)
Mike Weber
Speaker Bio(s)
Mike Weber is responsible for Coalfire Labs operations, including penetration testing, application security assessments, forensics, and research and development. He leads a team of over 50 security professionals and is an expert in development and management of information security programs tailored to highly-regulated industries like government, healthcare, banking, and utilities.
CEUs
1.8