(Separate registration required) Advanced Web Penetration Testing (day 1 of 2)

Presented at AppSec USA 2014, Sept. 16, 2014, 8 a.m. (540 minutes).

This training course is separate from the AppSec USA general conference. Visit http://appsecusa.org/training/ for information about training registration.


Presenters:

  • Kevin Johnson - CEO - Secure Ideas
    Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute . Kevin has performed a large number of trainings, briefings and presentations for both public events and internal trainings. He is the author of three SANS Institute classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard and ISSA. Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer. In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (Star Wars charity group).
  • Jason Gillam - Senior Security Consultant - Secure Ideas
    Jason holds his GIAC Web-Application Tester certification. He has spoken at the UNC Charlotte Cyber Symposium, Charlotte ISSA InfoSec Summit, BSides Asheville, is the author of the open-source Burp CO2 project and is actively involved in others projects such as lyinbank.com, MobiSec, Laudanum, and Yokoso! Jason also enjoyes teaching, and has been involved in developing and conducting training sessions such as MobiSec, SamuraiWTF, Web Pen Testing, Secure Coding, and Python for Hackers.

Links:

Similar Presentations: