Minneapolis, Minnesota – NetSPI LLC, the leader in orchestrated vulnerability management and security testing, announced today its participation at Black Hat USA 2019, Aug. 7-8 (booth #105) in Las Vegas, NV. NetSPI will present and exhibit at the conference to showcase vulnerability management and penetration testing solutions that improve an organization’s information security posture. NetSPI’s security experts will provide best practices and insights during their presentations and will also be available to meet 1:1. Schedule a session now.
Presentations at NetSPI Booth #105
Attacking Modern Environments through SQL Server with PowerUpSQL
When: Wednesday, August 7 at10:30 a.m., 1:00 p.m., and 4:30 p.m.; Thursday, August 8 at 11:00 a.m.
Where: NetSPI Booth #105
Presenter: Scott Sutherland
Session Summary: PowerUpSQL provides insight into the risks that misconfigured SQL Servers pose to enterprise environments. See how PowerUpSQL can be used to perform SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post-exploitation actions such as Active Directory Recon and OS command execution. We’ll share an msbuild script that can be used to launch an offensive SQL Server shell with data exfiltration capabilities.
Get PowerUpSQL at https://github.com/NetSPI/PowerUpSQL/wiki
Attacking Azure Environments with MicroBurst
When: Wednesday, August 7 at 11:00 a.m., 1:30 p.m., and 5:00 p.m.; Thursday, August 8 at 10:30 a.m.
Where: NetSPI Booth #105
Presenter: Karl Fosaaen
Session Summary: Azure tenant misconfigurations are extremely common. See how MicroBurst can be used to perform service discovery, weak configuration auditing, privilege escalation, and other post exploitation actions such as password recovery and OS command execution. Get a preview of an update to MicroBurst.
Get MicroBurst at https://github.com/NetSPI/MicroBurst
Inveigh New Release Review
When: Wednesday, August 7 at 11:30 a.m., 2:00 p.m., and 5:30 p.m.; Thursday, August 8 at 11:30 a.m.
Where: NetSPI Booth #105
Presenter: Kevin Robertson
Session Summary: Learn about the new 1.5 release of Inveigh, a Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer, and man-in-the-middle tool. Plus, we’ll delve into the first non-development release of InveighZero, the C# version of Inveigh. See new features, differences, and Windows post-exploitation use cases for both tools.
Get Inveigh at https://github.com/Kevin-Robertson/Inveigh
Learn more at NetSPI Booth #105
In addition to the presentations, attendees will have the opportunity to learn more about the following:
See how NetSPI’s security testing services are designed to address bandwidth, expertise gaps, and compliance needs. NetSPI provides:
- Application Penetration Testing Services
- Network Penetration Testing Services
- Cloud Infrastructure Penetration Testing Services
- NetSPI Resolve™ Threat and Vulnerability Management Software
- Security Program Transformation Services
NetSPI’s penetration testing services cover everything from mobile and web apps to cloud, network, mainframe, IoT, and more. Additional strategic services include threat and vulnerability management assessments, and attack simulation services that encompasses red team, social engineering, detective controls testing, and more.
Many companies run multiple vulnerability scanners, but making sense of the data, plus manual penetration testing reports and remediation status from across a global enterprise, is a massive manual effort. Resolve™ correlates all vulnerability data across your organization into a single view, so you can find, prioritize, and fix vulnerabilities faster. With data integration, Resolve™ can also show the remediation status of identified vulnerabilities. This results in vulnerability management processes that scale for global organizations. Learn how NetSPI Resolve™ removes the risk of managing vulnerabilities in spreadsheets, and the arduous administrative tasks that cause inefficiencies. NetSPI Resolve™ reduces your risk while increasing your security testing coverage by more than fifty percent without adding additional staff.
Schedule a Security Advisory Sessions with NetSPI
Sign up for a one-on-one security advisory session or a software demo at Black Hat USA 2019.
About NetSPI
NetSPI LLC is the leading provider of application and network security testing solutions that supports organizations in scaling and operationalizing their threat and vulnerability management programs. The solution portfolio includes penetration testing services, vulnerability management software platform, and advisory services. Trusted by seven of the top 10 United States banks, the largest global cloud providers, and many of the Fortune® 500, NetSPI has deep expertise in financial institutions, healthcare providers, retailers, and technology companies. To learn why the world’s top brands trust NetSPI, visit netspi.com or follow us on Facebook, Twitter, and LinkedIn.