|
Title: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: don on May 30, 2009, 01:03:40 AM Great interview by an energetic new contributor. Thanks, Jason.
Permanent link: [Article]-Interview: Kevin Johnson of SANS, InGuardians (http://www.ethicalhacker.net/content/view/257/2/) Quote (http://www.ethicalhacker.net/images/stories/features/root/kjinterview/kj_pic.jpg) Review by Jason Haddix, Security Aegis (http://www.securityaegis.com/) Anyone who knows training (or InfoSec for that matter) knows SANS is probably THE most recognized name in InfoSec training. While the foundation of SANS is Stephen Northcutt and Alan Paller, his superstars are the InGuardian’s crew. Call them security divas, we don’t care. We know that Ed Skoudis, Kevin Johnson, Mike Poor, and Joshua Wright are instructors with whom we’d give the whole of our security budget to train. We can’t decide what we like best: their stellar tool development, their helpful whitepapers, their nifty cheat sheets, their open source projects, or the fact that their courses are the most interesting and engaging we’ve seen. Web application pen testing is a huge focus for the security space right now, and SANS just turned their 4-day SEC542 - Web App Penetration Testing and Ethical Hacking (http://www.sans.org/info/34523) into a 6-day class. We had the chance to pick the brain of its instructor/creator Kevin Johnson, InGuardian (http://www.inguardians.com/) pen tester, father, and all around great guy. Read on as he answers our questions on a wide array of our web-app security queries. (http://www.ethicalhacker.net/mambots/editors/jce/jscripts/tiny_mce/plugins/emotions/images/smiley-cool.gif) Don Title: Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: unsupported on June 01, 2009, 12:34:56 PM Great article Jason! Who exactly said that pen testing is declining (dead)?
I met Kevin last month at a local ISSA meeting he was presenting at on the basics of Incident Handling. Very engaging speaker. I would not miss the opportunity to hear him speak again! Title: Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: Jhaddix on June 01, 2009, 05:59:29 PM Well he will be presenting his socialbutterfly tool at Defcon so dont miss it!
That question was loosely based on some statements of a certain OWASP supporter, who i will not name. He said network pentesting is dying, and webapp is the way of the future. I thought it pertinent enough bring up as I've heard others have comments which go along with that belief. Very untrue but wanted Kevin's input. Title: Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: aweSEC on June 02, 2009, 02:49:46 AM I think too that the main part will become webapp pentesting but surely network pentesting won't die out. Maybe the whole webapp security will become a litte less important after a later future when the boom is over.
But I am pretty sure that webapp security will be at least for the next time the bigger market for penetration testers. Title: Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: Andrew Waite on June 02, 2009, 10:49:00 AM Wow, just got time to read this interview. Great work Jason, always interesting to hear what Kevin and the rest of the inGuardians team are up to.
Unfortunately I normally end up with a large list of new tools I want to investigate in more depth.... Title: Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians Post by: don on July 20, 2009, 03:19:49 PM Submitted to digg:
http://digg.com/security/Interview_Kevin_Johnson_of_SANS_InGuardians Please vote, Don
Powered by SMF 1.1.16 |
SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com |