Getting Ready For Black Hat And Def Con By Building Trust Join Us. spamming-toolscc, valid4youcc
It’s just about time for the security world to head to Las Vegas next week for Black Hat, BSides Las Vegas, and DEF CON 27 to share stories, network with peers, and talk about new ideas presented by the best security talent in the world. While these conferences may differ in the makeup of attendees and also in the likelihood of needing a burner phone, all three conferences recognize the need to work collaboratively in order to improve the security of the digital world.
The recent barrage of security headlines, including the record-breaking penalties, fines, and breaches will likely dominate the conversations, panels, and themes we see addressed during Black Hat and DEF CON in Vegas next week. One example is a big headline we’ve all seen in the news just this past week. A hacker breached the personal information of 100 million Capital One credit-card customers and applicants in the U.S. and six million in Canada, making it one of the most damaging consumer data breaches in the U.S. With headlines like these filling the news cycle, it makes it difficult for ethical hackers and organization to build trust in their brand.
Synack has the unique opportunity to sit between two worlds of ethical hackers and enterprise and government organizations. The common goal is making the world a safer place and the common language they share is – TRUST.
At Synack we take pride in our elite Synack Red Team (SRT), hand picked for both their strong technical skills and trustworthiness. Synack SRT researchers must pass through a rigorous five stage vetting process, the most stringent combination of screening, interviews, skills testing, and vetting in the industry. Our vetting is more rigorous than even most employee screenings conducted by corporations. Synack’s vetting process eliminates the majority of applicants with less than 12% making it to the final onboarding stage and being confirmed as Synack Red Team members. Our unique approach also provides additional safety assurances such as a customer portal that provides visibility and transparency throughout the engagement and lifecycle of a vulnerability, control of the pace and cadence of research traffic with the ability to pause the engagement instantly for any reason, and a customizable researcher talent pool with the ability for resource customization on a per assessment basis through tailored grouping features and a specialized researcher requirements intake process.
Recent court documents on the Capital One breach indicate that a poorly configured firewall led to the breach. Over 100 million people have been unnecessarily violated once again for something proper security hygiene with continuous security testing could have discovered earlier. The earlier that security testing takes place in the SDLC, the shorter the lifetime of a vulnerability will be, which is why it’s important to adopt a continuous security approach and integrate into your DevOps. By integrating security as part of your development lifestyle and combining human intelligence with artificial intelligence you get the most realistic and practical assessment of your security landscape 24/7/365.
Trust is a central tenet of Synack’s brand and a leading consideration for us not only as we developed our vetting process for the Synack Red Team, but also as we built the Synack Platform with technology controls for the mutual protection of both our customers and our researchers. Trust needs to be considered on all fronts when it comes to cybersecurity. Ryan Rutan, Director of Synack Red Team Community, and Punky Witt, Director of Product Marketing, talked about why ethical hackers and enterprise companies need to prioritize trust and why it should be a key pillar to building their brands on our Trust Series podcast. I encourage you to listen to this new episode of our podcast to learn more about:
This podcast is a great listen as you pack and prepare for Black Hat, BSides, and DEF CON next week!
We’d love to talk more with you about ‘Trust’ in person next week if you’re headed to Vegas. We have an action-packed lineup of events throughout the week, spanning all conferences, and we hope to see you there!:
At any time, come by for a product demo and conversation to learn how to improve the ROI on your security investment!
More from Synack during Black Hat and DEF CON:
RSVP for any or all of the events here. See you in Vegas!