Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Hacker Insights Revealed: Explore New SANS Survey Results

In partnership with SANS,we share what our latest report uncovers about the minds and methodologies of modern attackers and how this can help to improve your security posture.

}

Register to Watch Video

By submitting this form, you indicate that you have read and agree to the terms of our Privacy Policy.

To stay ahead of a hacker, you need to think like one. Just like forensic psychology investigates the motives and minds of criminals, a similar approach can be taken with hackers and cybercriminals to defend forward in the digital realm.

Security experts, Matt Bromiley, certified instructor at SANS, and Tom Eston, AVP of consulting at Bishop Fox, will share insights from our ground-breaking research on the methods of modern attackers. In contrast to other surveys that take a defender’s point of view, our report breaks new ground by exploring an attacker's perspective and how they view specific environments as well as where they find the most success.

We hope you tune in to learn about these key findings and more:

  • 57% of ethical hackers reported that they can complete an end-to-end attack in under a day.
  • Nearly 64% reported being able to collect and potentially exfiltrate data in five hours or less once they gained access, with an astounding 41% successful in two hours or less.
  • Shockingly, 74% of survey respondents indicated that only few or some organizations have adequate detection and response capabilities to effectively stop an attack.
  • 45% stated that using unethical measures would have a high, or extremely high, impact on their success.
Matt Bromiley SANS Headshot

About the speaker, Matt Bromiley

Certified Instructor at SANS Institute

Matt Bromiley is a principal incident response consultant at a top digital forensics and incident response (DFIR) firm. In the DFIR firm Matt assists clients with incident response, digital forensics, and litigation support. He also serves as a GIAC Advisory Board member, a subject-matter expert for the SANS Security Awareness, and a technical writer for the SANS Analyst Program. Matt brings his passion for digital forensics to the classroom as a SANS Instructor for FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics, and FOR572: Advanced Network Forensics, where he focuses on providing students with implementable tools and concepts.

More by Matt
Tom Eston

About the speaker, Tom Eston

VP of Consulting and Cosmos at Bishop Fox

Tom Eston is the VP of Consulting and Cosmos at Bishop Fox. Tom's work over his 15 years in cybersecurity has focused on application, network, and red team penetration testing as well as security and privacy advocacy. He has led multiple projects in the cybersecurity community, improved industry standard testing methodologies and is an experienced manager and leader. He is also the founder and co-host of the podcast The Shared Security Show; and a frequent speaker at user groups and international cybersecurity conferences including Black Hat, DEF CON, DerbyCon, SANS, InfoSec World, OWASP AppSec, and ShmooCon.
More by Tom

Extend Your Knowledge

Check out these related resources.

Cover page of the SANS Report Hacker Survey 2022
Guides & Report

SANS Institute: Inside the Minds & Methods of Modern Adversaries

This inaugural report, in partnership with Bishop Fox, surveyed 280 ethical hackers to understand how adversaries think about the attack surfaces that they seek to exploit.

Learn More
Blog post title plus a bar graph showing the exploitable exposures most often found by hackers. Know Your Enemy, Know Yourself: Examining the Mind of a Cyber Attacker.
Industry

Sep 28, 2022

Know Your Enemy, Know Yourself: Examining the Mind of a Cyber Attacker

By Wes Hutcherson

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.