SANS Mentor brings Security 542: Web App Penetration Testing and Ethical Hacking (GWAPT) to Cleveland

I’m proud to be teaching SANS Security 542 here in Cleveland through the SANS Mentor Program beginning in August.  The SANS Mentor Program allows you to save thousands on your training budget and still experience live SANS training on the GWAPT classes – live training without traveling! COURSE DETAILS: Security 542: Web App Penetration Testing …

SANS Mentor brings Security 542: Web App Penetration Testing and Ethical Hacking (GWAPT) to Cleveland Read More »

Three Areas You Need To Test When Assessing Mobile Applications

Having spoken at both at the SANS Mobile Device Security Summit as well as OWASP AppSec DC recently about testing mobile applications I’ve encountered that like the old saying goes “There are many ways to skin a cat”, there are also many ways to assess a mobile application.  I’ve seen very detailed testing methodologies, not …

Three Areas You Need To Test When Assessing Mobile Applications Read More »

Slides from my “5 Lessons Learned From Breaking Into A Casino” Webcast

For those of you that attended the webcast yesterday (and those who didn’t) I’ve uploaded my slides to my SlideShare page.  Thanks to my co-presenters Richard Stiennon and Kevin Henry for presenting some great content with me!  If you’re interested Richard has posted  his slides to SlideShare as well. Five Lessons Learned From Breaking Into A …

Slides from my “5 Lessons Learned From Breaking Into A Casino” Webcast Read More »

Free Webcast April 10th: Learn about APTs, Business Process Hacking and Breaking into a Casino!

On Tuesday April 10th at 12pm EST, 9am PST, 5pm GMT I’ll be presenting “5 Lessons Learned From Breaking In: Confessions of a Pentester & Other Stories” during a free webinar.  I’ll be talking about the five most common ways my team and I break into companies that you would think are highly secured such …

Free Webcast April 10th: Learn about APTs, Business Process Hacking and Breaking into a Casino! Read More »

Smart Bombs: Mobile Vulnerability and Exploitation Presentation

This week I co-presented “Smart Bombs: Mobile Vulnerability and Exploitation” with John Sawyer and Kevin Johnson at OWASP AppSec DC.  We talked about the some of the current problems facing mobile applications such as flaws found in the OWASP Mobile Top 10 and various privacy issues.  We also talked about how you go about testing …

Smart Bombs: Mobile Vulnerability and Exploitation Presentation Read More »

Attacking & Defending Apple iOS Devices in the Enterprise Presentation Updates

Below are links over on SlideShare to the latest version of my ever evolving presentation “Attacking & Defending Apple iOS Devices in the Enterprise”.  This is the version I presented at the SANS Mobile Device Security Summit a few weeks ago.  I include information on iOS 5, the latest jailbreaks at the time (this has …

Attacking & Defending Apple iOS Devices in the Enterprise Presentation Updates Read More »