Session Abstract:

For over two decades, organizations have been relying on penetration tests to help them identify security holes. While the techniques used by adversaries to breach systems have evolved over the years, one thing remains constant: System security vulnerabilities are continually being discovered and the cyber-criminals continue to exploit them. Regular penetration testing of your systems can help you identify your weaknesses before they can be exploited by adversaries.

This session will provide you with an overview of penetration testing, the types of penetration tests, best practices and common mistakes on both the providing and receiving end of a pentest. Auditors will learn what to look for when reviewing penetration test reports, and how to read them. 

Speaker Bios:

Arafat Afzalzada (CISSP, PCNSE)

With more than 7 years of professional experience, Arafat Afzalzada is a Manager of Offensive Security in Richter's Risk, Performance and Technology Consulting division. Arafat specializes in Penetration Testing and Red Team assessments in various domains such as website, network and wireless.

Prior to joining Richter, Arafat worked for large financial firms and technology companies in Canada. His latest experience was working as a Penetration Tester and Application Security Engineer at a leading supply chain data management company in Canada.

David Greenham (CISSP, CCSP, CISM, CISA, QSA, ISO 27001 LA, SABSA SCF)

David Greenham has been advising organizations on mitigating information security and cybersecurity risks for over 20 years. With extensive experience in leading security assessments and consulting engagements, David has become a trusted advisor in the areas of cybersecurity, Payment Card Industry (PCI) compliance, ISO 27001 certification, Threat and Risk Assessment (TRA), as well as developing and improving information security programs. With an inquisitive mind, David is a frequent researcher of cybersecurity-related topics and has authored several articles on the subject matter. When he is not serving clients or doing research, David shares his knowledge with his team members to help improve their capabilities through methodology development and knowledge transfer.

CPE: 4.0 Hrs

Please Note:  There is a cancellation policy in effect