AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
The Cyber Threat Perspective
Episode 11: Offensive Security Testing Part 1 - Internal Pentesting
Oct 12, 2022
Dive into the world of internal penetration testing, where the focus shifts from traditional methods to real-world attack simulations. Discover how access control misconfigurations can be exploited and the critical importance of user behavior in security assessments. Learn about essential tools like Bloodhound and Pincastle, which help identify vulnerabilities in Active Directory. The conversation also highlights best practices for preparing effective penetration tests, such as thorough vulnerability assessments and robust security measures.
26:12
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Internal penetration testing aims to uncover vulnerabilities in an organization’s network by simulating attacks within a set timeframe.
- Assume Breach testing provides a realistic assessment of an organization's defenses by simulating scenarios where attackers have already gained access.
Deep dives
Understanding Internal Penetration Testing
Internal penetration testing involves simulating attacks on an organization's internal network to identify vulnerabilities within a specific timeframe. The process often includes deploying a testing device, such as a Kali laptop, to probe the network for weaknesses. This method aims to uncover as many security flaws as possible before the time expires. Unlike Assume Breach testing, which starts from a compromised perspective, traditional internal tests focus on general network vulnerabilities and may overlook the security posture of individual endpoints.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode