Risky Business #254 -- Does your pentester team know what it's doing?
This week's feature interview is with Wayne Ronaldson. Wayne's a security consultant with a company here called CQR, but he's cobbled together a fascinating little side project called Exploitable Labs.
In essence, Exploitable Labs is an online capture the flag environment. Participants connect to it, then go about finding various types of vulnerabilities -- in Web applications, servers and network devices. At the end of the exercise, the system spits out a report that can tell the participant where they're hot and where they're not.
Wayne designed the service to be used by people who hire penetration testers -- it's not a certification like CREST, it's an evaluation. It's an interesting idea!
Adam Boileau, as always, joins the show for a chat about the news headlines.
If you'd like links to the articles we discuss, you can find them in the show notes.
A chat with Bromium co-founder and CTO Simon Crosby...4 days 3 hours ago
What does one do with USD$100m in stolen Bitcoins?4 days 3 hours ago
$600 million buys you a lot of fail, apparently...1 week 4 days ago
Get your fill of the week's news!1 week 4 days ago
The Grugq spitballs some secure IM ideas...2 weeks 4 days ago