Penetration Testing Basics Webinar ControlCase

ControlCase 2,196 views 24 slides Sep 30, 2024

About This Presentation

WEBINAR AGENDA
ControlCase, a CREST-accredited Penetration Tester, is hosting a Penetration Testing Webinar on September 26th at 11 am. Sandeep Joshi and Shashank Vaidya will be discussing the importance of Penetration Testing, ControlCase’s service offerings, and more. Don’t miss out! Secure yo...


Slide Content

YOUR IT COMPLIANCE PARTNER
GO BEYOND THE CHECKLIST
WEBINAR
Penetration Testing Basics

ControlCase. All Rights Reserved. 2
Agenda
01 Introduction to Penetration Testing
02 Importance of Penetration Testing
03 Penetration Testing Services
04 Services Detail
05 Outcomes & Reports
06 Q&A

Presenters:
Shashank Vaidya, Vice President, Cybersecurity Services
Sandeep Joshi, VP Business Development

ControlCase Snapshot

ControlCase Overview
Best-in-Class Compliance Platform
ControlCase is revolutionizing the way enterprises and organizations deal with the numerous and frequently changing IT compliance and regulatory requirements
Proprietary software, including appliance and SaaS solutions, that enable CaaS (GRC and Data Discovery)
Compelling proprietary offering combining proprietary software, certification/audits, and managed services on a single platform.
One Audit™ enables our clientele to Assess once: Comply to Many
Leadership positions in the PCI DSS, SOC 2, ISO 27001, HIPAA, HITRUST, FedRAMP and CMMC domains
Serving over 1,000 customers
Global footprint with offices in the U.S., LATAM, Europe, India, Canada, and UAE
Leverages an offshore delivery infrastructure for competitive advantage
IT compliance manager for multiple industry segments including banking, service providers, retail, hospitality, and telecom
Global Vision & Solutions Enhancement
Provider of Compliance as a Service (CaaS) subscription-based offering bundling proprietary GRC software and managed services
Founded in 2004
Headquartered in Fairfax, VA
Offices in U.S., Canada, India
250+ employees

ControlCase Snapshot
CERTIFICATION AND CONTINUOUS COMPLIANCE SERVICES
Go beyond the auditor’s checklist to: Dramatically reduce the time, cost, and burden of maintaining IT compliance and becoming certified.
Demonstrate compliance more efficiently and cost effectively (cost certainty)
Offload much of the compliance burden to a trusted compliance partner
Improve efficiencies by doing more with less resources and gain compliance peace of mind
1,000+ CLIENTS
10,000+ IT SECURITY CERTIFICATIONS
275+ SECURITY EXPERTS

ControlCase Snapshot – Solution
Certification and Continuous Compliance Services
Partnership Approach
Compliance HUB™
IT Certification Services & Continuous Compliance Services

Certification Services
One Audit
Assess Once. Comply to Many.

What is Penetration Testing

What is Penetration Testing
Identify Security Vulnerabilities
Real-World Attack Simulation
Focused on CIA Triad

Why is Penetration Testing Important for Your Org?

Why is Penetration Testing Important?
[Chart: Compromises by Attack Vectors (in %)]

Why is Penetration Testing Important?
Prevent Data Breach
Enhances Security Posture
Cost Effective
Compliance and Regulations
Protects Brand Reputation
Boosts Customer Confidence

What are the Penetration Testing Services?

Four Sectors of Data Breach
Misconfiguration
•Segment Test
•Card Data Discovery
•Firewall Rule-Set Review
•Secure Code Review
•Config Review
•Wireless Scan / WIFI Penetration Testing
•Net. Sec. Architecture Review
Vulnerability Management
•ASV Scan
•External NPT
•IVA Scan
•Internal NPT
•Application PT
Phishing and Insider Threats
•Training
•Social Engineering
•IT Security Audit
Supply Chain Attacks
•Third-Party Security Audit

Penetration Testing Overview & Detail

Penetration Testing Details
Highly Skilled and Experienced Subject Matter Experts
•Certifications from industry recognized institutions including EC-Council, Offensive Security, Global Information Assurance Certification (GIAC), CompTIA, ISACA, ISC2
•Product Specialization
Well-Defined Methodology
•Coverage of well-known standards including PCI DSS, NIST, OWASP, SANS
•Hybrid Approach (automated and manual testing)
•Simplified with 3 Steps Approach including Information Gathering, Execution, Revalidation
Industry Recognized Tools
•Use of industry recognized tools including Nessus Professional, Qualys, Rapid7 Nexpose, Netsparker, BurpSuite Professional, Titania Nipper, Snappy Tick, Metasploit
ControlCase Compliance Hub
•Innovative Technology with use of secure channels and MFA
•Multipurpose Single Platform for Communication, Data Storage, Report Deliveries, Status Tracking

Penetration Testing Outcomes & Report

Penetration Testing Outcomes
•Technical Outcome
  •Detailed Vulnerability Identification with Proof of Concept
  •Security gaps in environment and assistance in remediation
  •Effective Implementation of Security Controls
  •Performance Insights
•Senior Management Outcomes
  •Risk Overview
  •Prioritized Action Plan and Improved Decision-Making
  •Compliance and Regulatory Alignment
  •Reputation Management
  •Enhanced Stakeholder Confidence

Why ControlCase

Summary – Why ControlCase?
Partnership Approach
Continuous Compliance Services
Compliance HUB
Approved Scanning Vendors (ASV) for the last 17 years
Cert-In Accredited for the last 10 years
CREST Accredited Organization
100+ Security Testers
Global Presence to Support

Q&A – Open Forum

Special Pricing
Attendees of this webinar are eligible for special discounted pricing.
Please email [email protected] for more information.
Code in email: ccweb24

Thank you for the opportunity to contribute to your IT compliance program.
For additional queries/support: [email protected]