The Cyber Threat Perspective Episode 69: Future Trends in Penetration Testing Part 1
Dec 6, 2023
Brad and Darrius dive into the future of penetration testing, highlighting the need for defenders to adapt to evolving threats. They discuss the shift in exploit languages to Rust and Go, and how this impacts defense strategies. The duo also explores trends in ransom dynamics, where attackers report victims, and new attack techniques like token theft. They emphasize the rising complexity of cloud environments and the importance of secure configurations. Finally, they touch on how attackers leverage cloud infrastructure to enhance their tactics.
AI Snips
Chapters
Transcript
Episode notes
Attackers Set The Pace
- The threat landscape moves fast and attackers set the pace for defenders to follow.
- Pen testers must continuously adapt or risk becoming irrelevant.
Exploits Are Migrating Languages
- Exploits are shifting into newer languages like Go, Rust, and Nim to evade EDR.
- Porting existing tooling to these languages restores native-like capabilities and bypasses detections.
Test Both New Frameworks And Legacy Tech
- Keep testing skills across modern frameworks and APIs rather than just legacy stacks.
- Maintain knowledge of older tech because legacy vulnerabilities still appear frequently.