Get an 11" iPad Pro, Surface Go 2, or $300 Off with OnDemand Training

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Assumption of a breach: How a new notion can help protect your enterprise

  • Wednesday, January 09, 2019 at 3:30 PM EST (2019-01-09 20:30:00 UTC)
  • Tim Medin

You can now attend the webcast using your mobile device!

  

Overview

Security teams should not operate under the assumption that a breach will happen, but when. The fresh twist on penetration testing puts an attacker (good guy/gal) on your systems running under the context of an authorized user. The goal is to simulate a compromised system or a rogue trusted insider. The goals of the test should be focused on the business risk and how insecurities, vulnerabilities, and misconfigurations can impact the data and processes vital to the organization. Goals are business focus, not domain admin focused.

Speaker Bio

Tim Medin

Tim Medin is the founder and Principal Consultant at Red Siege, a company focused to adversary emulation and penetration testing. Tim is also the SANS MSISE Program Director and author of several SANS courses. Through the course of his career, Tim has performed penetration tests on a wide range of organizations and technologies. He gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is an experienced international speaker, having presented to organizations around the world. Tim is also the creator of Kerberoasting, a technique to extract kerberos tickets in order to offline attack the password of enterprise service accounts. Tim earned his MBA through the University of Texas. 

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.