Recent searches
Search options
Has anyone participated in a software-focused table top exercise? If so, was this a homemade exercise or did you get it via a consulting service, etc? Was it good? Is this something people would want as a service? Does this service exist? I would like to hear your thoughts.
@SheHacksPurple What is a "table top exercise"?
@jogi A security exercise or simulation that allows you to practice your incident response process (and ideally, to improve upon it). A fake situation, so there are no big stakes at risk, meaning if your IR team or other teams don't do well, it's a great learning experience, and not an unmitigated disaster. I'd rather spot mistakes when we are practicing, instead of when things really matter.
@SheHacksPurple Ahhh, okay. For IT infrastructure you need to do it from time to time in environments like insurance, finance (regulation). Never seen that for web application security. Most companies do a delegation to a pen tester and then they think they're done. After a while you get feedback but that is not the same to be under stress to fix a security issue asap... would be a nice course 
@jogi I dream of having bugs fixed quickly!
@SheHacksPurple #iast and #rasp are IMHO a great boost to prevent bugs. More technologies like that would help.
@jogi Oh yes. The more types of testing the better!