Jayme Hancock will be presenting at CactusCon on December 6-7, 2019 in Mesa, AZ. Come learn how to create an effective phishing user awareness training program on a budget, using the free phishing framework GoPhish.
This session will examine common external attack vectors which can lead to an attacker gaining a foothold into the organization.These vectors include phishing, compromised common websites, and interfaces which should not be internet facing. Additionally, we’ll look at what information an attacker is likely to now have from the initial compromise, and how this information can be leveraged to access the internal network and pivot through the network. Common tools used during penetration tests, red team exercises, and malware campaigns will be demonstrated. From there, we will discuss how utilizing a security framework such as ISO 27001 can reduce the risk and damage caused by these tactics