The Digital Operational Resilience Act is being enforced from January 17th 2025.It applies to 20 different kinds of financial entities and selected ICT service providers. DORA consists of multiple parts and one of those is mandatory Threat Led Penetration Testing (TLTP), which is essentially based on the TIBER-EU framework. I would like to present how to implement TLPT and highlight the differences between TLPT and a regular pentest. Talk about When and how internal pentesting team and external thid-party pentest teams will come under DORA and TIBER frameworks. explain about redteam/purple team/blue team under DORA act. Discuss how financial institutions will continue to adopt DORA by successfully implementing TLPT. Higher management buy-in for TLPT implementation.
i have strong and essential experience in implementing application security teams and red team practices. so i would like to personalize the content to make it more interactive for audience by adding the real time experiences for implementing TLPT. and also highlight the traditional pentest vs TLPT with real time examples.