Risky Business #254 -- Does your pentester team know what it's doing?
This week's feature interview is with Wayne Ronaldson. Wayne's a security consultant with a company here called CQR, but he's cobbled together a fascinating little side project called Exploitable Labs.
In essence, Exploitable Labs is an online capture the flag environment. Participants connect to it, then go about finding various types of vulnerabilities -- in Web applications, servers and network devices. At the end of the exercise, the system spits out a report that can tell the participant where they're hot and where they're not.
Wayne designed the service to be used by people who hire penetration testers -- it's not a certification like CREST, it's an evaluation. It's an interesting idea!
Adam Boileau, as always, joins the show for a chat about the news headlines.
If you'd like links to the articles we discuss, you can find them in the show notes.
A global vulnerability analysis…17 hours 27 min ago
In some cases, yes!17 hours 29 min ago
Handy talk for CIOs and CSOs...17 hours 31 min ago
How far do decent crypto controls get us?17 hours 32 min ago
A call to action for infosec pros…17 hours 35 min ago
- Since you asked...
16 hours 16 min ago
- Love the Das Efx tribute.
11 weeks 1 day ago
- LOL so no comment by Adobe's
12 weeks 2 days ago
- Welcome back, great stuff as
14 weeks 6 days ago
- AEDs are very accurate and
21 weeks 2 days ago
- I did see that after we
21 weeks 4 days ago
- Great podcast, a small
22 weeks 3 days ago
- Peck of pickled peppers? We
25 weeks 1 day ago
- Link to Sophail: Applied
27 weeks 6 days ago
- Fixed. I got autocorrected...
30 weeks 23 hours ago