NetSPI will both present and exhibit at the conference to showcase their solutions that improve an organization's security posture. Event attendees will have the opportunity to see first-hand how NetSPI's portfolio is designed to address the most critical vulnerability challenges that security organizations face. NetSPI's security experts will be providing best practices and insights during their presentations and will also be available to meet 1:1. To schedule your sessions, click here.
NetSPI's presentations at Black Hat USA include:
PowerUpSQL: A PowerShell Tooklit for Attacking SQL Servers in Enterprise Environments:
When: Thursday, Aug. 9, 2018 @ 10:00 a.m.
Where: Business Hall (Oceanside), Arsenal Station 4
Who: Scott Sutherland and Antti Rantasaari of NetSPI
Session Summary: This session includes training on functions supporting SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution. The tool includes additional functions used by administrators to quickly inventory the SQL Servers in their Active Directory Server (ADS) domains, and perform common threat hunting tasks related to SQL Server. PowerUpSQL enables red, blue, and purple team in automating day to day tasks involving SQL Server.
Mainframe [z/OS] Reverse Engineering and Exploit Development:
When: Thursday, Aug. 9, 2018 @ 3:50 p.m.
Where: Jasmine Ballroom
Who: Chad Rikansrud, NetSPI's Mainframe Partner of RSM Partners
Session Summary: Talk to a Fortune 500® who is running mainframe and they'll tell you two things: (1) without their mainframes they'd be out of business, and (2) they do not conduct any security research on them, let alone vulnerability scans. This session is focused on providing various tools that exist on the platform to help you in doing your own reverse engineering, followed by detailed steps on how to start your own exploit development.
In addition to these presentations, attendees will have the opportunity to learn more about the following:
Application & Infrastructure Security Testing Services: See how NetSPI's security testing services are designed to address bandwidth, expertise gaps, and compliance needs. NetSPI provides penetration testing services encompassing everything from mobile and web apps to cloud, network, mainframe, IoT, and more. Additional strategic services include Threat &Vulnerability Management Assessments, and attack simulation services which encompasses red team, social engineering, detective controls testing, and more.
NetSPI Resolve™ Vulnerability Orchestration Software: Learn how NetSPI Resolve removes the risk of managing vulnerabilities in spreadsheets, and arduous administrative tasks that cause large-scale inefficiencies. The software provides a system of record for all application and infrastructure vulnerabilities through its scanner-agnostic integration engine that also brokers cross-departmental workflow and communications. NetSPI Resolve reduces your risk by providing the visibility needed to actively manage your remediation efforts while increasing your security testing coverage by over fifty percent without adding additional staff.
Click here to sign up for a 1:1 security advisory session or a software demo.
NetSPI LLC is the leading provider of application and network security testing solutions that supports organizations in scaling and operationalizing their threat and vulnerability management programs. The solution portfolio includes security testing services, vulnerability orchestration software platform, and advisory services. Trusted by six of the top ten United States banks, the largest global cloud providers, and many of the Fortune® 500, NetSPI has deep expertise in financial institutions, healthcare providers, retailers, and technology companies. NetSPI is headquartered in Minneapolis, Minnesota with additional offices in Dallas, Denver, Portland, and New York. For more information about NetSPI, please visit https://www.netspi.com.