As well as Rory's talk on pentest automation at BSides London - we will both be doing a workshop "Performing a DIY Security Review".  It is aimed at IT Professionals and shows the basics of how to prepare for a Security Review ("pentest").  This is something that is dear to our hearts because writing about SSLv2 over and over again is not something which either excites us greatly, or provides a great deal of value to customers.  We think people should do a preparatory review themselves and let the tester concentrate on the specialized stuff - giving better value for money and a shorter, more focused report.

So the workshop is all about using free or low cost tools to look at a network and remove glaring faults from it prior to having a test done.  We don't cover web application testing - but if this one proves of interest we may do something along those lines in the future.

I'll post the slides and documentation here after the event.




Security Geek, Kubernetes, Docker, Ruby, Hillwalking