Dave Kennedy of Diebold discusses Penetration Testing Execution Standard (PTES), Vulnerability Analysis and APT Attack Prevention at the INFOSEC World Conference & Expo 2012.
From the conference web site:
Described by BBC World News as one of the leading security experts in information security, Dave Kennedy will take you on a wild ride into the world of security. He will argue that it's time to pitch out the window everything you've learned about securing your organization and instead, get back to basics. Creator of the Social-Engineer Toolkit (SET), Dave will show the alarming trends and increasing security breaches plaguing organizations today. He will argue that security budgets continue to increase and yet there's no fix in sight.
Further, we have invested heavily in the wrong things - compliance-drive efforts, technology, and protecting the entire organization - while failing to invest in what truly matters: the company's ability to generate revenue. He will show several ground-breaking attack vectors aimed at targeting the latest technologies and reveal why our castle mentality is flawed. Finally, Dave will dive down to the root cause of insecurity and offer a path forward into a new era of truly protecting our information and assets.
Originally recorded April 4, 2012.