The Importance of Quality Pen Testing: A Conversation with Katerina Tasiopoulou

The Importance of Quality Pen Testing: A Conversation with Katerina Tasiopoulou

08/10/2023 | Phillip Wylie |

About The Guest:
Katerina is the CEO and founder of Exelasis, a cybersecurity organization that focuses on elite pen testing and advanced security testing. She is one of the first female CEOs in the industry, and she is passionate about bringing the elite back into cybersecurity and promoting the importance of pen testing.

Summary:
Katerina discusses the commoditization of pen testing and the need for organizations to prioritize quality over quantity. She explains the difference between pen testing and red team operations, emphasizing that pen testing is coverage-based while red teaming is objective-based. Katerina also shares her thoughts on the role of AI in pen testing and cybersecurity, highlighting the importance of human expertise and the need for ethical guidelines in AI development. She emphasizes the need for organizations to invest in pen testing and validate their cybersecurity measures to ensure the safety of their digital assets.

Key Takeaways:

  • Pen testing is coverage-based, while red teaming is objective-based.
  • AI can enhance pen testing, but it cannot replace the human expertise and ethical decision-making required in cybersecurity.
  • Organizations should prioritize quality over quantity when it comes to pen testing and invest in elite testing to validate their cybersecurity measures.
  • Pen testing is crucial in identifying vulnerabilities and reducing exposure, but it cannot guarantee 100% security.

Quotes:

  • “Pen testing really lost the eliteness it could have had. It's become a checklist.” – Katerina
  • “Red teaming is an objective-based exercise. It will tell you if the ultimate objective is achievable or not.” – Katerina
  • “AI cannot possibly go into an organization and have that logical thinking saying, 'I'm not going to touch that because it's a real customer.'” – Katerina
  • “We want to enhance, not replace. Use AI to enhance, not to replace.” – Katerina
  • “Pen testing is not commodity. It's a lot more elite, it's a lot more strategical.” – Katerina

Socials and Resources:

https://www.linkedin.com/in/katerina-tasiopoulou-a71424128/

https://www.linkedin.com/company/exelasis-ltd/

http://www.exelasis.com

Podcast: Play in new window | Download