HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 37 guests and 1 member online
EH-Net Donations

Enter Amount:
$
EH-Net News Feeds
Latest Additions
Google Ads
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Featuresarrow /rootarrow [Article]-Interview: Kevin Johnson of SANS, InGuardians
EH-Net
March 18, 2010, 03:41:34 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Article]-Interview: Kevin Johnson of SANS, InGuardians  (Read 10200 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 3113


Editor-In-Chief


View Profile WWW
« on: May 30, 2009, 01:03:40 AM »
Great interview by an energetic new contributor. Thanks, Jason.

Permanent link: [Article]-Interview: Kevin Johnson of SANS, InGuardians

Quote



Review by Jason Haddix, Security Aegis

Anyone who knows training (or InfoSec for that matter) knows SANS is probably THE most recognized name in InfoSec training. While the foundation of SANS is Stephen Northcutt and Alan Paller, his superstars are the InGuardian’s crew. Call them security divas, we don’t care. We know that Ed Skoudis, Kevin Johnson, Mike Poor, and Joshua Wright are instructors with whom we’d give the whole of our security budget to train. We can’t decide what we like best: their stellar tool development, their helpful whitepapers, their nifty cheat sheets, their open source projects, or the fact that their courses are the most interesting and engaging we’ve seen.

Web application pen testing is a huge focus for the security space right now, and SANS just turned their 4-day SEC542 - Web App Penetration Testing and Ethical Hacking into a 6-day class. We had the chance to pick the brain of its instructor/creator Kevin Johnson, InGuardian pen tester, father, and all around great guy.

Read on as he answers our questions on a wide array of our web-app security queries.
 

Don
Logged
CISSP, MCSE, CEH, Security+ SME
unsupported
Sr. Member
****
Offline Offline

Posts: 299


Unofficial Newbie Moderator


View Profile
« Reply #1 on: June 01, 2009, 12:34:56 PM »
Great article Jason!  Who exactly said that pen testing is declining (dead)?

I met Kevin last month at a local ISSA meeting he was presenting at on the basics of Incident Handling.  Very engaging speaker.  I would not miss the opportunity to hear him speak again!
Logged
-Un
CISSP, GCIH, C|EH, Sec+, Net+, MCP
Jhaddix
Sr. Member
****
Offline Offline

Posts: 283



View Profile WWW
« Reply #2 on: June 01, 2009, 05:59:29 PM »
Well he will be presenting his socialbutterfly tool at Defcon so dont miss it!

That question was loosely based on some statements of a certain OWASP supporter, who i will not name. He said network pentesting is dying, and webapp is the way of the future. I thought it pertinent enough bring up as I've heard others have comments which go along with that belief. Very untrue but wanted Kevin's input.
Logged
GSEC, GPEN, GWAPT (in process)
http://www.securityaegis.com
http://www.redspin.com
http://www.pentesterscripting.com
awesec
Hero Member
*****
Offline Offline

Posts: 784


View Profile
« Reply #3 on: June 02, 2009, 02:49:46 AM »
I think too that the main part will become webapp pentesting but surely network pentesting won't die out. Maybe the whole webapp security will become a litte less important after a later future when the boom is over.

But I am pretty sure that webapp security will be at least for the next time the bigger market for penetration testers.
Logged
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 816


aka RoleReversal


View Profile WWW
« Reply #4 on: June 02, 2009, 10:49:00 AM »
Wow, just got time to read this interview. Great work Jason, always interesting to hear what Kevin and the rest of the inGuardians team are up to.

Unfortunately I normally end up with a large list of new tools I want to investigate in more depth....
Logged
-- http://www.infosanity.co.uk
-- http://infosanity.wordpress.com
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 3113


Editor-In-Chief


View Profile WWW
« Reply #5 on: July 20, 2009, 03:19:49 PM »
Submitted to digg:

http://digg.com/security/Interview_Kevin_Johnson_of_SANS_InGuardians

Please vote,
Don
Logged
CISSP, MCSE, CEH, Security+ SME
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.049 seconds with 23 queries.
 
Polls
Best Career Move in 2010:
 
Support EH-Net

eh-net_amazonstore.jpg
Help Support EH-Net with Our Amazon Store

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2010 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.