Webcasts

Mind the Gap: going beyond penetration testing for security improvement

  • Tuesday, February 27th, 2018 at 10:30 AM EST (15:30:00 UTC)
  • Caspian Kilkelly, Senior Advisory Services Consultant, Rapid7
This webcast has been archived.

Sponsor

  • Rapid7 Inc.

Overview

Security teams and leaders know the value of regular external and internal testing of technical controls for their organization's security program, but what about the other stuff? Subjects like IT security management, threat modeling, incident response and security architecture improvement aren't addressed in most penetration tests, and compliance-driven audit processes rarely extend beyond the regulation or standard that is being audited. During this presentation, Caspian Kilkelly, senior advisory services consultant at Rapid7, will cover a few ways to examine, analyze, review and improve organizational and product-oriented security programs using data and experience from Rapid7's consulting teams. Drawing on penetration testing, research, incident response, and advisory services work, we'll examine common gaps in security programs, and ways of solving them using a cyclical approach to security improvement.

Speaker Bio

Caspian Kilkelly

Caspian Kilkelly (CISSP, CSM) has 20 years of experience in security, IT operations and management. He has worked for international insurance, IT, health and entertainment organizations, large universities and cutting-edge startups. His security background includes event and organizational security consulting, asset management, physical security and crime prevention, digital forensics, incident response, and information security policy development. Caspian has spent the last 10 years of his career working as a volunteer with IHE and other medical informatics standards specialist groups in order to secure and audit medical devices and software entering the North American market. He is also part of the organizing committee for B-Sides Las Vegas and Defcon Skytalks. Caspian is a graduate of Concordia University’s Planning and Geography program in Montreal.
