Best moments from “Hacking the Attack Surface” – Super Cyber Friday

Here’s our highlights video from Super Cyber Friday “Hacking the Attack Surface: An hour of critical thinking about losing top-down control of data and users.”

Watch the full video here

Our guests for this discussion were:

Got feedback? Join the conversation on LinkedIn.

HUGE thanks to our sponsor Censys

Censys - Attack surface management

Best Bad Idea

Congrats to Duane Gran, corporate director of information security, Converge Technology Solutions Corp. for winning this week’s Best Bad Idea.

Other honorable mentions go to:

“Cover your attack surface with plastic wrap and assume that protects it.” – Ian Poynter,
vCISO, Kalahari Security

“Increase your attack surface so the threat actors get lost trying to find the important stuff.” – Shawn M. Bowen, VP, Information Security (CISO), World Fuel Service

“Rename and re-IP every server every 24 hours to shuffle the attack surface.” – Allan Alford, CISO & CTO, TrustMAPP

“Encourage shadow it for every business team which would naturally build segmentation.” – Shawn M. Bowen, VP, Information Security (CISO), World Fuel Service

“Consolidate all of your attack surfaces to a single VLAN, single account, etc. so you can more easily manage the surface in one single view.” – Shawn M. Bowen, VP, Information Security (CISO), World Fuel Service

“Convince your CEO and board to set the organization’s risk tolerance to ‘ludicrously high’ so you don’t have to worry about your attack surface.” – Brian Colt, Information Security Engineer, DASH Financial Technologies

10 percent better

“Frequently, like every week, port-scan your external IP ranges to identify unknowns.” – Brian Colt, Information Security Engineer, DASH Financial Technologies

“Bounty program for boots on the ground employees to find vulnerabilities or poor security practices in their daily environment.” – Tyler Powell, Accelerator Account Executive, Darktrace