Hack Red Con 2024
-
End the Burnout - 3 things your CISO wishes you knew.
Mark Thacker
-
Doors, Cameras, and Mantraps: Oh, my!
Dylan "The Magician" Baklor
-
Registration Opens
Oct. 25
-
Opening Ceremony
Oct. 25
-
Keynote Round Table - Ed Skoudis, Dave Kennedy, Ken Nevers, Amanda Berlin
Oct. 25
-
Intro to Infrastructure Automation for Offensive Security
Alex MartirosyanOct. 25
-
Securing Derby 150
Jason PaytonOct. 25
-
Creating Intelligence From Malware Samples
Jon "Wally" Prather and Jeff SmealOct. 25
-
CISO Roundtable
Oct. 25
-
Tough Adversary? Don’t Blame Sun Tzu
Dr. Gregory CarpenterOct. 25
Let’s paint a picture together:
You just had a pen test/red team. The contractor now wants to know what activity you caught because, like any good testing group, they want to give you credit for everything they can. You politely ask your huge MSSP, who you pay a stupid amount of money to, for their data. And then….
Nothing. or close to it…
But why, you ask?! We sent them money 2 years ago for a thing, why don’t we have the thing? Well, there could be a million reasons, and we’re going to get into all of it! Here’s a teaser: it isn’t necessarily their fault.
Come join me as we talk about why this happens so often (trust me, it happens oh so often) and what you can do about it. Some takeaways will be:
Learning Objectives:
- How to better monitor what your providers are doing
- How to get the most out of the relationship
- The basics of what every MSSP should be doing
- The basics of what YOU should be providing your MSSP
- How to spot a sketchy vendor
- When it’s time to say goodbye to your current vendor
- Learn from plenty of stories
- Much more!