ISSA Monthly Meetings

Monthly Meeting - June 26, 2017

Everybody says it.....Why defense in-depth is so important

 Download presentation slides here.

Presenter: Brad Beltman



Everybody recommends "defense in-depth", and for good reason. Many orgs implement this in the form of products: firewalls, WAFs, IPS, SIEMs, etc. These are all great things, but what are often overlooked are the details in securely configuring applications and systems. This presentation is a case study of how lower-severity configuration issues can be combined into one big vulnerability, using a real-life application as an example.


Brad is a consultant with SecureWorks doing full time web application penetration testing.

He has a masters degree in Information Assurance from Dakota State University. Certifications include OSCP, GWAPT, GPEN, GCIH, GCED, and CISSP. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.


FBL Financial
5400 University Ave
West Des Moines, IA 50266