Banking Dive: Banks engage in self-hacks to keep defenses sharp
On Mar. 9, 2020, NetSPI President and COO Aaron Shilts was featured in Banking Dive.
The next level of self-hack is conducted at a more enterprise level, called red team testing.
There are a few variations of the approach. In one, red-team testers adopt the tactics of a specific, known threat actor and try to achieve a specific objective against a chosen target.
Red teaming is typically done by banks that are at a higher level of security maturity overall, said Wong.
The value of penetration testing over simply using scanning software is that you’re adding humans to the mix, said Aaron Shilts, president and COO of vulnerability assessment firm NetSPI.
“If we were bad guys, you know, what would we use to get in?” Shilts told ABA. “How could we get in? What do their defenses really look like? With limited information, it’s kind of a good way to simulate how accessible the crown jewels are from the outside.”
Read the full article here.
Explore More News
Proof Over Promises: A New Doctrine for Cybersecurity
As cyberattacks grow in frequency and sophistication, traditional assurances like contracts and certifications are no longer sufficient. Instead, vendors must actively demonstrate their security resilience through measurable and continuous validation, such as penetration testing. This proactive approach not only strengthens vendor-customer relationships but also mitigates risks in an increasingly interconnected and vulnerable digital landscape.
The Age of Promises is Over, Vendors Must Now Lead with Evidence-Based Assurances
In today’s evolving cyber threat landscape, traditional vendor assurances like contracts and periodic audits are no longer sufficient. Sam Kirkman emphasizes the need for vendors to shift from trust-based compliance to evidence-based security, where measurable and continuous validation replaces outdated promises.
NetSPI Redefines Pentesting with New User Experience
NetSPI, the global leader in modern penetration testing, today announced a new, modern user experience for the NetSPI platform, reimagining what penetration testing should feel like for today’s enterprise: focused, fast, and easy.