Core Connect 2017

Vulnerability Assessments, Penetration Tests and Red Teaming – Do you know what these tactics are all about? In this session, we will present our understanding of these practices in terms of when to apply them and what to expect. Nowadays, organizations run on top of hundreds, if not thousands, of Information Technology assets with some of them on premise and others cloud based. Having control over all of this is a challenging task. Based on our extensive experience with securing our customers, I will show what real findings and attack trends look like while hopefully, shedding some light on how to be prepared to resist current attacks.

DevOps seems to be where all the cool kids in IT are hanging out these days. While not all of us get to work in DevOps shops, we can steal some of the toolset to up our game for lab and skills development purposes. In this talk, you'll not only learn about DevOps-y tools like packer, vagrant and ansible - but how you can use them to make it easier to build and share lab environments for testing, training and more.

Everyone loves a good tip, like turning on your seat warmer to keep a pizza hot while driving home. In this session an experienced pen-tester will walk users though cool features and unique ways to use Core Impact during testing, such as demonstrating how to set up DNS channels for agent communications, downloading and running PowerShell scripts even when compromised devices do not have internet connectivity, how to utilize the agentless WMI testing capabilities to make your tests even more stealthy, and much, MUCH more! Come to this session and learn how to continue advancing your pen-testing by utilizing the full functionality of Core Impact.

Let’s write a story, not a short story or a novel, but a “Product” User Story related to Impact. Grammar not your strong suit? No worries, an easy template will be provided, just fill in the blanks. It’s kind of like Mad Libs but with the purpose of creating a new product feature, and maybe a few laughs in the process. In this hands on session, users will be separated into small groups. Groups will select one of three new product features or they can develop their own. Using a simple template, groups will create a user story for this feature on how they would want it to work and the purpose of the feature. User Stories are used by Product Management to convey a feature idea to the developers so they understand the end goal of the design. Please join us to create a new Impact User Story.

Anatomy 101 of how and what threats actually do in your network.  In this session we will pick a well-known threat and go through the cycle of how actors behave and how security teams can deter, detect, respond and validate using Core Security products. 

Make your mark on the future of Impact! Join Jesse Irvin, Core Security’s Product Manager for Core Impact, and tell him what you want to see in the next releases of Core Security’s penetration testing products.