Presenter: Brad Beltman
Everybody recommends "defense in-depth", and for good reason. Many orgs implement this in the form of products: firewalls, WAFs, IPS, SIEMs, etc. These are all great things, but what are often overlooked are the details in securely configuring applications and systems. This presentation is a case study of how lower-severity configuration issues can be combined into one big vulnerability, using a real-life application as an example.
Brad is a consultant with SecureWorks doing full time web application penetration testing.
He has a masters degree in Information Assurance from Dakota State University. Certifications include OSCP, GWAPT, GPEN, GCIH, GCED, and CISSP. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.
5400 University Ave
West Des Moines, IA 50266
We are meeting in the Farm Bureau auditorium. Park in visitors parking on the NE corner of the building by the flag pole. The guards inside the main doors where you sign in will direct you.
If you can't physically attend, you can use our webcast. Below is the information for connecting.
Monthly ISSA Chapter Meeting
Please join my meeting from your computer, tablet or smartphone. https://global.gotomeeting.com/join/247310853You can also dial in using your phone. United States +1 (872) 240-3412 Access Code: 247-310-853