About Show #409
Paula is back - with stories of hacking her customer's systems! Richard talks to Paula Januszkiewicz about her work as a penetration tester and what it has revealed about the common vulnerabilities for corporate systems. There are lots of simple things you can do to make your systems less vulnerable - starting with getting patched up! There's a lot of conversation about passwords and account restrictions too, such as making sure that local machine admin accounts do not all have the same password, that service accounts do not allow interactive logins and so on. In Paula's experience, you're always going to get penetrated by some zero-day exploit, so be prepared to defend in depth!
Paula Januszkiewicz is the IT Security Auditor and Penetration Tester, Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many well-known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc., and is often rated as number-one speaker. Paula is engaged as a keynote speaker for security related events and she writes articles on Windows Security. She proudly holds the role of the Security Architect at IDesign, a team of world-class architects, and she drives her own company CQURE, working on security related issues and projects. Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations. Her distinct specialization is definitely on Microsoft security solutions in which she holds multiple Microsoft certifications, besides being familiar with and possessing certifications in other related technologies. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored trainings. She wrote a book about Threat Management Gateway 2010, and is working on her next book. Facebook: https://www.facebook.com/paula.januszkiewicz LinkedIn: http://www.linkedin.com/in/paulajanuszkiewicz Website: http://idesign.net, http://cqure.pl