Presenter: Brad Beltman
Everybody recommends "defense in-depth", and for good reason. Many orgs implement this in the form of products: firewalls, WAFs, IPS, SIEMs, etc. These are all great things, but what are often overlooked are the details in securely configuring applications and systems. This presentation is a case study of how lower-severity configuration issues can be combined into one big vulnerability, using a real-life application as an example.
Brad is a consultant with SecureWorks doing full time web application penetration testing.
He has a masters degree in Information Assurance from Dakota State University. Certifications include OSCP, GWAPT, GPEN, GCIH, GCED, and CISSP. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.
5400 University Ave
West Des Moines, IA 50266