Blue chips eye Australian pen test assessments

Powered by SC Magazine
 

Online service to test staff skills.

Businesses will be able to test the expertise of their security teams with a series of penetration tests designed by an Australian security professional.

The tests, dubbed Exploitable Labs, emulated virtual e-commerce websites with varying information security controls that participants were tasked to break into.

Creator Wayne Ronaldson said scenarios were tailored to a range of skill levels and security expertise to allow paying businesses to assess the capabilities of potential employees, or test those of existing staff. 

“It means a business could see if their security guys are strong in networks but lacking in web apps, so they can tailor training to create a well-rounded security team,” Ronaldson said.

“People have found it hard to decide the areas to train staff because security changes all the time. The tests help break down skills into strengths and weaknesses.”

He said it was also aimed at IT recuitment agencies which could use the service to vet candidates.

Ronaldson created the tests after seeing the wide range of skill levels in the security industry, in which he had worked as a penetration tester and security professional for about a decade.

The tests were designed to produce transparent performance reports and to be immune to automated vulnerability and exploitation tools.

This would distinguish mature security skills from those reliant on automation, better known as script kiddies.

Customers would receive a report detailing the number of vulnerabilities a candidate had found during the tests, exploits used, and even their methods of research.

Social engineers could tap into Twitter, Facebook and Skype accounts to ply fake staff usernames and passwords and run client side attacks. “It’s designed to be as real as possible,” Ronaldson said.

Large blue chip organisations in the US and Australian IT firms have already expressed an interest in putting staff through the service. Ronaldson declined to name them citing confidentiality agreements.

Exploit Labs has been in development for two years and will launch next week.

Copyright © SC Magazine, Australia


Blue chips eye Australian pen test assessments
 
 
 
Top Stories
Taking the fight to the disruptors
Seven West Media's new chief digital officer, Clive Dickens, says if a media company as historic as Disney can take on the new media landscape, then so can he.
 
How Australia plans to mark NAPLAN with cognitive computing
National schools test to be scored electronically from 2017.
 
M2 makes $1.6bn play for iiNet
Challenges TPG's March takeover offer.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2551

Vote