{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Zero Breach Zone","title":"Hacking With Permission: K-12 Pen Testing with Zelvin Security","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/19d32d05\"></iframe>","width":"100%","height":180,"duration":1839,"description":"Welcome to Season 2 Episode 5 of the Zero Breach Zone, where hosts Phil Hintz and Andy Lombardo sit down with the people on the front lines of K-12 cybersecurity. This week they're joined by Brian Parton, penetration tester and security expert at Zelvin Security. Brian pulls back the curtain on what a real pen test looks like inside a school district, what attackers are actually looking for, why your printer might be your biggest vulnerability, and how knowing where your defenses fail is one of the smartest investments a district can make.Recorded during Teacher Appreciation Week, Phil and Andy take a moment to recognize the educators who make every other profession possible, including the cybersecurity pros keeping school networks safe.Key Takeaways:Penetration testing is active, intentional, and noisy. The goal is to find every exploitable vulnerability across every layer of defense so you know everywhere you're exposed, not just where you didn't get caughtRed teaming is different. It's quieter and more covert, designed to simulate a real attacker who's trying not to be detectedAutomated pen testing tools beat a basic vulnerability scan, but only a human tester can adapt, troubleshoot, and exploit the edge cases that tools miss. A false sense of security is worse than no test at allPrinters are a massively underestimated attack surface. Once configured for scanning and email, they often hold credentials that can unlock privilege escalation across your entire networkSeparating admin accounts from everyday user accounts is one of the highest-impact, lowest-cost moves a district can makePen testing validates your existing tool spend and increasingly checks a box on cyber insurance applicationsParting Tip:Visit zelvin.com/K-12-resources for free tools including a pen test ROI guide, a purple teaming explainer, and a password entropy checker. Aim for a base entropy score over 100Resources Mentioned:Zelvin Security — zelvin.comDEFCON Groups — find your local chapter...","thumbnail_url":"https://img.transistorcdn.com/Zk4xLtvPAUeZpaPx18hyw9vp_c2PAVdRDBwsovlpg_E/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8yNjhh/N2EzNGU2NWI1ZTQ2/OTBkZjZhM2M5YTA4/YzAyNS5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}