SC Media Special Event: Continuously Hacking Yourself

Explore the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities.

}

Register to Watch Video

By submitting this form, you indicate that you have read and agree to the terms of our Privacy Policy.

These days, improving security is fraught with challenges. Your attack surface keeps changing. You likely have vulnerabilities hiding in assets you don’t even know exist. And convincing people to remediate vulnerabilities after you identify them is harder than it should be – oftentimes, they won’t even admit there’s a problem!

In this webinar, we explore how combining attack surface management with continuous penetration testing can overcome these challenges. We discuss the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities, and answer key questions like: What's the impact of these vulnerabilities to my organization, and how should we prioritize fixes? We also explore what’s driving the evolution of offensive security, why the time for continuous hacking is now, and how to focus your attention on vulnerabilities that have a real impact.

Watch it on-demand to learn how to implement a strategy that gives you confidence your attack surface is covered, and stops the internal debating and theorizing so you can focus on fixing the exposures that pose the greatest risk to your business.

Paul Asadoorian

About the speaker, Paul Asadoorian

Chief Innovation Officer, CyberRisk Alliance

Paul Asadoorian is the Chief Innovation Officer at CyberRisk Alliance. He is also the founder of Security Weekly, a security podcast network providing free security information to the community and security market validation to a wide variety of security companies. Paul is the primary host to several shows, including Paul’s Security Weekly and Enterprise Security Weekly, providing the security community with valuable knowledge and insights. Paul is also a founding member of Active Countermeasures, a startup dedicated to providing reliable sources of actionable intelligence. Previously Paul has held technical (and marketing) positions at Tenable Network Security, penetration testing firms, and universities. Paul has also spent time as an instructor for The SANS Institute, an IANS faculty member and has presented at security conferences including RSA, Derbycon, Brucon, SOURCE Conference and more.

More by Paul
Joe sechman

About the speaker, Joe Sechman

AVP of R&D at Bishop Fox

Joe is a Bishop Fox alumnus. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe
Ori zigindere

About the speaker, Ori Zigindere

Director of Cosmos Operations at Bishop Fox

Ori Zigindere is Director of COSMOS (formerly CAST) Operations at Bishop Fox with a background in software engineering. He works with a wide range of companies in all major industries and leads a team that helps them improve their security posture against day to day threats.

Ori believes in the value of privacy and security and helps both individuals and organizations to improve their understanding of these topics. In his spare time, he runs WorkshopCon, a company he co-founded, which helps bring together information security students and trainers for world class quality, low cost training.

Ori is an avid volunteer for local information security events in the New England area where he co-organizes Boston Security Meetup and is a board member at OWASP Boston where he is responsible for coordinating volunteers for the annual Boston Application Security Conference (BASC). Ori is a certified GIAC Web Application (GWAPT) and Network Penetration Tester (GPEN) and holds a bachelor's degree in computer science.

More by Ori

Extend Your Knowledge

Check out these related resources.

Zoom chose Bishop Fox for continuous security testing to add to their robust security program.
Customer Story

Zoom Secures their Rapidly Expanding Attack Surface with Cosmos (formerly CAST)

As businesses and users have shifted to remote work environments, Zoom has experienced unprecedented growth in their user base – from 10M daily meeting participants in December 2019 to 300M in April 2020. To protect these new users, Zoom sought out continuous security testing to add to their robust security program.
Learn More
Security Weekly Labs Product Reviews: SW Labs Attack Surface Management Category Overview, sponsored by Bishop Fox
Report

SW Labs Product Review: Cosmos Attack Surface Management Platform

SW Labs assessed Bishop Fox’s Cosmos (formerly CAST) the “Best Emerging Technology" Attack Surface Management Platform of 2021.

Learn More
Top 50 Questions to Ask When Evaluating Offensive Security Providers check list first page preview
Guide

Evaluating Offensive Security Solutions: Top 50 Questions to Ask

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.