Penetration testing is one of the most realistic and effective ways to evaluate the security of computer systems and networks. Pen testing is not just a vulnerability analysis or a security audit. Pen testers don’t stop at just discovering a security problem or running some tools to scan and report vulnerabilities. They go beyond that to the extent of using offensive security techniques to exploit the system under test. This is one of the most efficient ways to simulate what could happen in real-world if this system was under attack. Thompson Rivers University offers a course in “Ethical Hacking” to teach computer science students the necessary skills to conduct penetration testing on computer systems and networks. This presentation discusses the challenges instructors had to face when teaching an Ethical Hacking course.
The presentation also highlights possible solutions to achieve the expected learning outcomes. A case study will be presented through a real story that happened three years ago and had a significant impact on 11,000 people. The presenter was one of those 11,000 and this incident has completely changed his life. Through this story, we’ll see that we could have saved Canadian taxpayers over one million dollars if pen testing was conducted before this incident. Finally, the presentation discusses the future of Ethical Hacking through a new research program in Thompson Rivers University. This includes new research contributions in behavioural biometrics and developing more secure mobile apps.
Dr. Haytham El Miligi
Assistant Professor, Thompson Rivers University