Dear Pen Tester, Are You Enough?
1:00 pm - 1:50 pm
Room: Virtual
Do you feel like you are doing penetration testing enough? Do you feel you get what you want out of your penetration test? Penetration testing has been a fundamental component of a security program but is known to be costly, point in time exercises that doesn’t always give the best insight. With the ever-changing landscape of organizations, manual penetration testing isn’t always enough, especially as, the boundaries of the organization are pushed beyond the traditional network edge. This session will review the fundamentals of penetration testing but transition to reviewing a newer concept, continuous security validation, its comparison against other forms of penetration testing in the market, and its value. Some short simulations of the automated security validation solution to demonstrate its capabilities will be included in the presentation.
Presenter
Kelley Ealy is a strategic and hands-on cybersecurity leader with over 20 years of experience in information security across multiple industries and customer bases. She began her career in technical and consulting roles evolving into leading as a CISO for several companies throughout her career with focuses primarily in managed services, healthcare, cloud and data centers. She has been able to drive the development of information security programs several times throughout her career. She has led consulting engagements with on premise and cloud customers for several compliance regulations and frameworks, including HIPAA/HITECH, PCI, SOX, GLBA, FFIEC, ISO 27002 and NIST. She holds multiple certifications from ISC2 and even writes exam questions from time to time. Kelley currently is the CISO for RedEye Networks Solutions and is responsible for driving the maturity of its cyber security program and ensuring compliance for SOC 2 Type II.