Abstract
Everything seems to move so fast. What was secure today becomes the weak link in your armor tomorrow. In January 2016, the head of the NSA ’s Tailored Access Program (TAO ), Rob Joyce, was the main event at Usenix Enigma security conference and talked about how the NSA goes about exploiting systems. He went beyond the normal stuff like basic security (which some companies still lack) or going after IT admins. He gave us a good insight into how highly funded advanced persistent threats from state nations or organized crime think. He showed that these organizations only need our defenses down for a moment. Those times when a vendor asks for a backdoor or ports to be opened, or when an administrator makes a mistake in a firewall . That’s all the attackers needs sometimes. In other words, they are watching you all the time. Nothing new there. So why do we still only test once a year?
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media New York
About this chapter
Cite this chapter
Manners, D. (2016). Continuous Penetration Testing. In: Lee, N. (eds) Google It. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-6415-4_22
Download citation
DOI: https://doi.org/10.1007/978-1-4939-6415-4_22
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4939-6413-0
Online ISBN: 978-1-4939-6415-4
eBook Packages: Computer ScienceComputer Science (R0)