A deep dive into Coalfire's 2019 penetration results for education
by: Mike Weber, VP - Innovation, Coalfire Labs
In this webinar, we will discuss the anonymized, aggregate findings of consulting engagements conducted by Coalfire Labs for external network, internal network and application penetration tests and social engineering in the education industry. These results were recently published in our 2019 Securealities Penetration Risk Report.
Key findings from the report to be discussed:
- Unlike the 2018 report, large enterprises have taken the “sweet spot” for overall security due to a demographic shift toward cloud providers.
- Our data shows that the move to the cloud is having a tangible effect on security posture and vulnerabilities—we tested more cloud clients and saw more cloud-related vulnerabilities, with cross-site scripting, injection, and security misconfiguration topping the list.
- In parallel with last year’s results, external networks remain relatively secure and internal networks fairly insecure. However, app security has increased mainly due to migration of in-house-developed applications to the cloud and by leveraging appropriately skilled resources.
Mike Weber, Coalfire Labs’ practice leader, will detail report findings and discuss the penetration testing methodology, analysis, and recommendations to mitigate commonly found vulnerabilities in financial services organizations worldwide.