7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

https://7ms.us/

subscribe
share



 

7MS #375: Tales of Pentest Fail #3


I swear this program isn't turning into the Dr. Phil show, but I have to say that sharing tales of fail is extremely therapeutic for me, and based on your comments, it sounds like many of you feel the same way too. Today's takeaways include:

  • Doing a 8-10 hour internal pentest is probably overly ambitious. Seriously, it's really NOT a lot of time.
  • If a client uses a logging/alerting system, vulnerability scanning is very loud to their digital ears
  • Checking for DNS zone transfers is a good idea!


share





 2019-08-02  40m