Redscan decided to bring together a number of industry experts to consider the state of the ethical hacking industry and examine current risks, challenges and trends in 2020 and beyond.

Anthony Lee from Rosenblatt outlines the legal challenges affecting ethical hacking.

DevOps teams are rearchitecting their applications from monoliths to microservices, fueled by containerization and CI/CD. As application development moves to the cloud, security testing tools must follow. Application security testing solutions by Synopsys support the CI/CD tools you already use, including AWS Developer Tools. Coverity static analysis identifies security and quality issues in code as it is being built.

Brief overview of all new features in v4.1, including NetFlow malicious traffic detection, enhanced performance monitoring via command line output capture, Active Directory password reminder emails, BitLocker, Pending Reboot & battery detection, lots of visual & functional improvements to the web reports and more!

vPenTest is an automated and full-scale penetration test platform that makes network penetration testing more scalable, accurate, faster, consistent, and not prone to human error. Using vPenTest, organizations can now perform a penetration test at any time, allowing network administrators to evaluate their risks to cyber attacks in nearly real time.

University Federal Credit Union is a #diverse, member-owned cooperative that seeks to bring about #human and social development in full #accordance with International Credit Union Operating Principles. Laura Rea, Senior Manager Assurance Services at UFCU and the #Supervisory Committee were looking for a way to #tie together the #disparate security components and #review them collectively for a better look at the organization’s overall #security posture.

JUMPSEC Jargon Buster - What is the difference between a Vulnerability Assessment & a Penetration Test, Thom explains. Vulnerability assessments typically rely on vulnerability scanning tools to identify technical vulnerabilities making use of pre-configured test cases and signatures. A penetration test takes a contextual view of the target, combining many vulnerabilities and information sources in order to craft specific attacks with the goal of finding security weaknesses. Simply put a penetration test mimiks a skilled attacker, whereas a vulnerability assessment provides a baseline against common known weaknesses.

JUMPSEC Jargon Buster - Nikoo explains how Red Teaming differs from a Penetration Test. There are a number of ways that a red teaming exercise differentiate from a pen test. Firstly, the scope of standard penetration test is usually clearly defined with the goal to identify as many vulnerabilities as possible and attempt to exploit them on the stated targets during the engagement.

Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.