let s make pentesting fun again
play

Let's make pentesting fun again! Report writing in 5 minutes. Adrian - PowerPoint PPT Presentation

Fab Romnia Let's make pentesting fun again! Report writing in 5 minutes. Adrian Furtun Founder & CEO https://pentest-tools.com Pentest reporting 2018 https://pentest-tools.com 2 Pentest reporting 2018 https://pentest-tools.com 3


  1. Fab România Let's make pentesting fun again! Report writing in 5 minutes. Adrian Furtunã Founder & CEO https://pentest-tools.com

  2. Pentest reporting 2018 https://pentest-tools.com 2

  3. Pentest reporting 2018 https://pentest-tools.com 3

  4. Background info 2018 https://pentest-tools.com 4

  5. About me # Ex-fulltime pentester  10+ years of experience in ethical hacking & IT security  Reformed programmer # Founder of Pentest-Tools.com # Associate professor @ MTA, UPB # Speaker at security events and conferences:  Hack.lu - Luxembourg  Hacktivity – Budapest  ZeroNights - Moscow  Defcamp - Bucharest  OWASP Romania, etc 2018 https://pentest-tools.com 5

  6. Pentest-Tools.com # We help companies become resilient against cyber attacks  Self-security assessment service  Periodic scans & notifications 80%  Recommendation for fixing the issues Security 20% Effort  Coverage 25+ essential tools • Updated • Configured • Ready to run 2018 https://pentest-tools.com 6

  7. Website activity # 1,4 million users last year # Organic growth Audience Overview (Google Analytics) Company started 2018 https://pentest-tools.com 7

  8. Our customers # > 3000 customers # 120 countries # 80% companies (SMEs) # 20% individuals 2018 https://pentest-tools.com 8

  9. Back to pentest reporting 2018 https://pentest-tools.com 9

  10. Solution 1 # Copy-paste from previous reports  What was the latest good version?  Search for findings in multiple reports  Adapt to the current client (!) 2018 https://pentest-tools.com 10

  11. Solution 2 # Make your own report generator tool  Who makes it?  Who maintains it (bug fixing, new features, updated, etc)?  Who keeps it updated and clean with the latest findings? 2018 https://pentest-tools.com 11

  12. Solution 3 # Use a third-party report generation tool  Serpico: • https://www.serpicoproject.com • https://github.com/SerpicoProject/Serpico  VulnReport: • http://vulnreport.io/ • https://github.com/salesforce/vulnreport # Challenges:  Deployment & Initial configuration  Learning a new reporting tool  Importing scan results 2018 https://pentest-tools.com 12

  13. Our solution # Cloud-based # Scanning Tools => Results => Reporting (.docx) 2018 https://pentest-tools.com 13

  14. Pentest-Tools.com # DEMO 2018 https://pentest-tools.com 14

  15. Vouchers - 300 Free Credits # https://pentest-tools.com/register  Voucher code: DEFCAMP2018  Obtain 300 Free Credits into your new account 2018 https://pentest-tools.com 15

  16. Our team Vlad Turcanu Eusebiu Boghici George Pitis Mihai Burduselu Andrei Damian Adrian Furtuna Advisors Andrei Pitis Diana Olar 2018 https://pentest-tools.com 16

  17. Fab România Thank you! Adrian Furtunã adrian.furtuna@pentest-tools.com 2018 https://pentest-tools.com 17

Recommend


More recommend