Strategies for a Successful Cybersecurity Awareness Month

Dr. James Stanger, CompTIA's Chief Technology Evangelist, has consulted with corporations, governments and learning institutions worldwide about cybersecurity, open source, network administration and help desk management for over 20 years. Organizations he has worked with include RSA, IBM, NTT Japan, Symantec, the Scottish Qualifications Authority (SQA), the US Department of Defense (DoD), the United Arab Emirates Cultural Division, the US Department of State, Meisei University, and General Dynamics.

Penetration testers can only assess the attack surface they can see. Attack Surface Detector is a set of open source tools that can identify web application attack surface through static code analysis, making the data easy to leverage in dynamic testing. Penetration testers can also highlight differences in attack surface between two different versions of an application.

Once a vulnerability becomes known to cybercriminals, the race is on for vendors to create a patch before it is exploited. And with the regular use of exploits in attacks and threats like the WannaCry ransomware using a vulnerability, getting the win has never been so crucial. This month we will cover the bug bounty marketplace, including the different types of markets available to vulnerability researchers. As well, we will review Trend Micro Research and how their research can benefit organizations through responsible disclosure and pre-disclosed filters to virtually patch vulnerabilities.

Virtual environments have definitely changed the course of learning for Institutions and students alike. High-in-demand skills like cyber security can now be taught in virtual environments which are ethical and safe. Virtual environments are highly flexible and versatile, you can have access to the latest software programs required in ethical hacking without making any additional expenses.