The theme of this year’s roundtable was security vulnerabilities – many of which have been deemed critical over the last 12 months.
This is enough to give security teams some serious sleepless nights. Zerologon, F5 BIG IP, SigRed and multiple vulnerabilities in Citrix are just some of the big-name vulnerabilities that were disclosed.
To talk through the subject matter we were delighted to be joined by our panel of experts, who explored how 2020 compared to other years when it comes to vulnerabilities and the risk they pose to organisations. The panel also discussed underlying vulnerability and technology trends, and looked into the future to predict what vulnerability management challenges lie ahead for organisations in 2021.
George Glass, Redscan
George is the Head of Threat Intelligence at Redscan, managing our team as they aggregate and analyse data to help organisations quantify and mitigate cyber security risks. George has wide experience in SecOps across a number of different industries including Defence, Finance and eCommerce. He is also a specialist in automation and threat hunting.
Dinis Cruz, Glasswall
Dinis is the CTO and CISO of Glasswall and author of Generation Z Developers. Dinis is also project leader at The Open Web Application Security Project, where he plays a key role in deciding the OWASP top ten, a list that represents a broad consensus on the most critical security risks to web applications, widely used by developers and security pros.
Tom Tervoort, Secura
Tom is a Senior Security Specialist for Secura, a security company based in the Netherlands, and is credited with discovering the devastating Zerologon vulnerability this year. Tom regularly performs network pentests, web/mobile application assessments, as well as code, configuration and design reviews for large Dutch companies and institutions. His primary areas of interest include cryptographic protocols and cryptography engineering, advanced web attacks and Windows AD pentesting.
Dr Elizabeth Bruton, London Science Museum
Elizabeth is curator of technology & engineering at the London Science Museum, and has a specialist interest in communications, computing, technology and military history. Elizabeth curated the recent Top Secret: From ciphers to cyber security exhibition in London at the start of 2020, an exhibition which is due to launch in Manchester in 2021.
The roundtable event was covered by the national cyber security media:
- InfoSecurity Magazine – “2020: The Most Vulnerable Year Yet?”
- ITPro – “The scariest security horror stories of 2020”
Ethical Hacking Roundtable 2020
As a counterbalance to misconceptions about ethical hacking, in 2020 Redscan decided to bring together a number of cyber security experts to consider the state of the industry and examine current risks, challenges and trends.
The panel discussed what constitutes ‘ethical’ in the context of hacking, the benefits of hacking to businesses and society, where the boundary lies between legal and illegal activity, and other hot topics.
Redscan is an award-winning provider of managed security services, specialising in threat detection and integrated response.
Possessing a deep knowledge of offensive security, Redscan’s experts are among the most qualified in the industry, working as an extension of clients’ in-house resources to expose and address vulnerabilities and to swiftly identify and shut down breaches. Services offered include CREST accredited Penetration Testing, Red Teaming and Managed Detection & Response.
By understanding how attackers operate, leveraging cutting-edge threat intelligence, and offering highly acclaimed customer service, Redscan’s cyber security professionals can be trusted to provide the insight and support needed to successfully mitigate information security risk and achieve compliance standards.