NoNameCon

Hiring a professional red team for security audits is not enough for finding the most critical vulnerabilities. A good level of collaboration between pentesters, company’s blue team, developers, managers is required in order to make this process efficient for both sides. Achieving it requires good planning, preparatory work, continuous improvement and a good understanding of the desired outcomes. This talk will evaluate goals, methods and typical tasks of red and blue teamers in a white-box application security audits and offer practical solutions for the most efficient collaboration of both parties.