Pen Testing VS Red Teaming, and how to get more from your reports

Red team engagements provide valuable information for organizations to identify potential risks, address any observed weak points in their security posture, and to test the effectiveness of both policies and procedures. The report is where you present these findings, and writing a good report is vital for the organization; knowing how to effectively present and communicate findings is imperative not only for a red teamer’s continued success but for the organization to understand how malicious actors threaten their assets. In this presentation, I will discuss how to write better reports, tips for presenting your findings, and the importance of reports. Sampson Chandler (Senior Analyst at RSA Security) Sampson Chandler has been in IT for over 10 years, and in the information security field for 3 years. He has spoken at SecKC and is an active member of (ISC)2. As a Senior Analyst at RSA Security, Sampson Chandler has helped numerous clients during audits, penetration tests, vulnerability scans, and improving the security posture of many fortune 500 companies.