An Internal Auditor’s Guide to Cybersecurity Part 2: Penetration Testing
Emily Swindle Senior Consultant Risk Advisory
Donel Martinez Director Risk Advisory
Jeremy Archer Managing Director Cyber Defense
Skylar Slotter Senior Manager Cyber Defense
Vulnerability Management vs. Vulnerability Assessment
Elements of Vulnerability Management
Team Involvement
Blue Team: The defense team. This team may include SOC personnel, incident response teams, analysts, and security engineers.
Purple Team: Created when the red team and the blue team work together to test an organization's defenses and identify opportunities for improvement.
Red Team: A dedicated attack team who emulates enemy tactics to achieve objectives outlined by an organization's leaders.
What value do vulnerability assessments provide to an organization?
How do red and blue teams intersect with internal audit?
Anti-virus Deployment Use Cases
Anti-virus Configuration Example
Anti-virus Tool
Threat Modeling
Series of Increasingly Difficult Tests
Wireless Example
How can internal audit help strengthen the security perimeter?
What are best practices for vulnerability scanning?
What is the difference between a pen test and a vulnerability assessment?
People, Processes, Technology
Penetration Testing Focus Areas
Why would an auditor look at a pen testing report?
Report Excerpt
Severity vs. Risk
Gary McIntyre Managing Director Cyber Defense
Episode 3: Internal Audit & the SOC
August 12, 2020 | 1 PM ET