Penetration Testing – What Is It Good For?
This webinar will focus on offensive security assessments on information systems, also known as penetration tests, in an internal audit context. Topics will include an overview of penetration testing, the value it can bring to an audit, when it is appropriate, how to acquire the skills or services necessary for an effective penetration test, and a discussion of some tools and methodologies of penetration testing.
Speakers: Eric Randle, Senior Penetration Tester, Creative Breakthroughs Inc.
Eric Randle has been involved with information security since 2004. He holds several certifications; Offensive Security Certified Professional (OSCP), Certified Penetration Testing Engineer (CPTE), GIAC Web Application Penetration Tester (GWAPT), and Certified Information Systems Auditor (CISA). In 2005 he graduated from Ferris State University with a B.S. in Computer Information Systems and in 2009 a MBA with highest distinction while completing an advanced studies certificate in information security and network management. In 2006 Eric joined the University of Michigan as systems administrator. In 2009 Eric joined the U-M College of Literature Science and Arts as an IT Asset Manager and Security Administrator. In 2011 Eric joined the U-M internal audit department as an IT Auditor. Eric joined CBI in 2017 as a Senior Penetration Tester. At the 2016 SANS Crystal City conference, Eric won the SEC542 Web Application Penetration Testing CTF Challenge Coin. He is a regular contributor to local security organizations and conferences, and has presented to the Michigan Cyber Civilian Corps.
Upon completion of this program participants will be able to:
1. Evaluate when it is appropriate to perform a penetration test.
2. Assess when a penetration test can add value.
3. Recognize resources to help perform a penetration test.
Field of Study: Auditing
Program Level: Overview
Type of Delivery Method: Group-internet-based
Advanced Preparation: None
CPE Credit: 1 Credit Hour