Name: Varun Srivastava,
Designation: Head, Cyber Threat Intelligence,
Organization: Mubadala / Injazat Data Systems.
Topic: Intelligence Led Penetration Testing
Date of Webinar: 28th Nov, 2019
Time and Location: 5pm Dubai Time/ 6:30pm IST/ 1pm GMT
Speaker Bio: Varun Srivastava is a Cyber Security Professional with 12+ years of experience in this domain. He currently heads Cyber Threat Intelligence function for Mubadala / Injazat Data Systems based out of Abu Dhabi, UAE. Varun started his career as co-founder of his Cyber Security company with extensive projects across public and private sector organisations covering Europe, US and South East Asia regions. Varun has later worked in senior positions across Fortune 500 companies including Philips, Adobe and PwC from building large scale Cyber Security Operations Center, operationalizing Cyber Security solutions to implementing strategic Cyber Security Frameworks and executing Global Audit Programs. Varun has authored multiple books and research papers in Cyber Security and has been recipient of PwC experience award for his exemplary performance. Varun serves on advisory board of startups to contribute towards organic growth in their offerings covering Blockchain technology and E-Commerce. He speaks regularly in global Cyber Security conferences including CISO Leadership Summit among others.
Topic Abstract: When traditional Penetration Testing (PT) activity is enhanced by adding CTI context to the exercise, it provides a value addition to the target audience which enriches the situational awareness of the exercise and in turn, provides better ability to decision makers for evaluation and strategy.
The difference between CTI Driven Penetration Testing and conventional technical assessments of network security is that CTI-PT is based upon rich contextualised intelligence which informs and guides how the test should be conducted, what attack methods should be simulated and where testers should focus their resources. They provide a more structured and effective approach for companies to mitigate their cyber risk, avoid cyber-attacks and understand the real effectiveness of key technical security controls they have put in place.
In this webinar, we will learn phases of Penetration Testing and their correlation with CTI based information enrichment. We will gain insight into how CTI data provides context to the PT planning; what aspects of PT get evolved with the data enrichment and how situational awareness provided to the analyst adds more context to overall PT strategy.