Showing posts from March, 2012

Penetration Testing considered harmful today

Early last year we presented at 44con with a talk titled: " Penetration Testing considered harmful today ". 44con have just released the video so we figured it was worth a quick recap (for anyone not willing to tolerate the whiny voice!) The original slides (in PDF) are available ( here ) The central thesis of the talk is that penetration testing has established itself as a necessary activity for securing a network and is now pushed forward by a multi million dollar industry despite the clear signs that it is not helping all that much. ( Read the annotated slides here ) Watch the video here :