From: The SANS Institute (sanssans.org)
Date: Mon Jan 14 2008 - 19:12:16 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: Security Express
From: Alan Paller, Director of Research
Subject: New techniques for pen testing to be shared at the SANS
Penetration Testing and Ethical Hacking Summit, Mar 17-20

The leading pen testers have discovered that the tools and techniques
they used just 12 to 18 months ago are almost entirely out of date. New
hacker techniques have made them obsolete. If you do penetration testing
or if you hire penetration testers, you won't want to miss this meeting.

SANS Penetration Testing and Ethical Hacking Summit
WhatWorks Best in Penetration Testing in 2008
March 17-20, 2008, Las Vegas, NV
http://www.sans.org/info/22074

Ed Skoudis and many of the other top penetration testing experts in the
United States and Europe are coming together at Ceasars Palace on March
17-20 in Las Vegas to share their latest and most sophisticated
techniques at the Pen Test Summit. This interactive forum is a unique
opportunity to update and turbo-charge your strategies.

Ed said, "This summit will help attendees maximize the effectiveness of
their penetration testing resources, whether they perform testing
themselves in-house or contract with outside firms. We'll look in-depth
at choosing the best tools, optimizing penetration testing and ethical
hacking processes, and emerging techniques used by cutting-edge pros.
With presentations and workshops from industry thought leaders, this
summit will help penetration testers, security assessment personnel, and
managers responsible for vulnerability assessments operate more
efficiently and effectively."

You will leave the Summit with an arsenal of solutions that you can put
to use immediately.

The Ten Things You Will Learn at the Summit: Critical Information You
Won't Find Anywhere Else

   - How malicious attacks have evolved and become much more
   sophisticated, and how the top penetration testers are adapting their
   processes to the changes.

   - The most effective new penetration testing practices - techniques
   that push the envelope, sophisticated new tools, and techniques for
   finding flaws - including the two best techniques for testing client
   side vulnerabilities in browsers and related programs.

   - How the leading penetration testers ensure comprehensive,
   repeatable tests and assessments.

   - How to limit the risk of crashing a service, or otherwise impairing
   target machines during a test.

   - How to conduct tests across large enterprises and scaling to have
   maximum effect with limited resources.

   - How to evaluate commercial scanning and testing tools, and free
   tools to find the best ones.

   - How to add web application analysis to a comprehensive penetration
   testing program.

   - The biggest "gotchas" that cause test problems - and, how to avoid
   them.

   - How to formulate findings to have maximum impact in improving the
   security of the target organization.

   - What the next generation of exploits and tools will look like.

Don't miss this unique meeting. Register today at:
http://www.sans.org/info/22079.

BONUS: If you are also a programmer or application security penetration
tester, plan to come a day early to take the new GIAC Certified Secure
Programmer examination on March 16. For more data on the certifications
and exams, see http://www.sans.org/info/22143.

Check out the Test Blueprints/Sample Tests/Test Specs at
https://www.sans-ssi.org/blueprint.php.

We'll see you in Las Vegas! (http://www.sans.org/info/22074)

Kind regards,

Alan Paller
Director of Research
SANS Technology Institute, a postgraduate computer security college

**************************

SANS is pleased to announce our new Training and Events Calendar - an
easy way to see what opportunities are available to you during the
coming month! The current calendars are now available for download from
http://www.sans.org/info/7926.

SANS Webcasts are free live Web broadcasts that allow you to hear a
knowledgeable speaker while viewing presentation slides that you
download in advance. To learn more or to subscribe to our Webcast
calendar go to http://www.sans.org/info/13271.

To change your subscription, address, or other information, visit
http://portal.sans.org. If you wish to have your name removed from our
mailing list, visit the site above, click on "update your account" and
check the box "Do not send any e-mail."

**************************

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]