Congratulations (and some cool Pwn Pad ideas)

Bradley Reed - Winner of the Pwn Pad 4 Giveaway

Bradley Reed – Winner of the Pwn Pad 4 Giveaway


Congratulations to Bradley F. Reed of the NASA IV&V team, the winner of our Pwn Pad 4!

It was pretty tough to choose, though. We had some great responses from InfoSec pros of all types. Don’t believe me? Check out their creativity for yourself:

Some people just wanna test:

  • We would use this to detect rogue devices and vulnerabilities in our corporate space as well as branch offices and international office. Due to the form factor of the Pwn Pad, we would be able to do this more discreetly than with a laptop loaded with external adapters.  We would then take the information gathered to use in an employee awareness program that will help strengthen our overall security.”
  • “I would use the Pwn Pad for doing spot testing and risk assessments for our 45 field locations.  Generating awareness around these weak spots in our corporate edge is always a challenge, being able to spot check them when we visit the sites would give us a definite leg up!”
  • “Our organisation always has security concerns. Our franchises are allowed to adopt their own technology to use our systems. The Pwn Pad would be a great tool to help us audit our franchise partners.”
  • “I manage IT Security at a credit union with 30+ branches, we would use the Pwn Pad for spot audits at each branch as well as investigations when e.g. One of the branches was breached overnight and we want to do a sweep of the space.  Also, I think we could adapt/use the pwn pad.”

 

Others got creative:

  • “Emulate attacks to my  company to enable the Blue team to understand malicious behaviour, so that a USE CASE can be created for the SIEM. An alert can be created from this which can be triaged with other alerts to understand from start to finish the process of a full blown attack. So you start threat modeling to create say a top 20 of likely attacks or malicious behavior.”
  • “Blue Team mostly but some Red. We are very trusting and I work across several departments. It would be cool to see what is different between each department, position, etc based on what they do. Some are super secret (or claim to be) and others are very public. It would be fun to see what is really revealed.“

 

It’s a validation tool:

  • “At work I would love to have a device I could use to validate the security of bluetooth enabled (medical) devices.  Personally I would like to evaluate the PWN Pad and bring it to the attention of our state government. I think we could look to include such a device in a jump bag when we are responding to an event.”
  • “Red team or Blue team?  YES!  But mostly red team operations, since we’re testing our standing tools for effectiveness.  Let’s start that bad boy up and rip through the network like buttah!  We have a lot of world class tools in place, but the Pwn Pad could challenge the effectiveness of the integration between those tools..  It’s perfect for finding those holes.”
  • “I would use it to regularly test network & wifi controls across our key offices, to enable us identify the high risk vulnerabilities to focus on.”

 

Want to scare management?

  • “I find the pwn pad to be a very valuable tool when trying to convince management there are aspects of our security that need to be addressed.”
  • “Purple Team. (Well, more bluish) I’d use it as an aegis to show flaws inherent in BYOD policies and why standards are necessary. As well as why the expectations of ‘free wifi’ are risky, why always on services are a bad idea, and why encryption/security are necessary in this always on/connected economy. I fight for the users.”
  • “We are trying to convince our leadership team to invest in security. The Pwn Pad would go a long way towards demonstrating how easily our network can be breached. By a casual tablet user no less!”
  • “Red Team – A Pwn Pad would be both useful and fun to help making the point that things need to change in an uncontrolled BYOD culture.  Making a couple of high-visibility examples would drive the point home and get authorization for a central monitoring project.”

 

You can buy one of your own:


Buy Now




 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *