.

[Article]-Interview: Kevin Johnson of SANS, InGuardians

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat May 30, 2009 1:03 am

[Article]-Interview: Kevin Johnson of SANS, InGuardians

Great interview by an energetic new contributor. Thanks, Jason.

Permanent link: [Article]-Interview: Kevin Johnson of SANS, InGuardians


Image


Review by Jason Haddix, Security Aegis

Anyone who knows training (or InfoSec for that matter) knows SANS is probably THE most recognized name in InfoSec training. While the foundation of SANS is Stephen Northcutt and Alan Paller, his superstars are the InGuardian’s crew. Call them security divas, we don’t care. We know that Ed Skoudis, Kevin Johnson, Mike Poor, and Joshua Wright are instructors with whom we’d give the whole of our security budget to train. We can’t decide what we like best: their stellar tool development, their helpful whitepapers, their nifty cheat sheets, their open source projects, or the fact that their courses are the most interesting and engaging we’ve seen.

Web application pen testing is a huge focus for the security space right now, and SANS just turned their 4-day SEC542 - Web App Penetration Testing and Ethical Hacking into a 6-day class. We had the chance to pick the brain of its instructor/creator Kevin Johnson, InGuardian pen tester, father, and all around great guy.

Read on as he answers our questions on a wide array of our web-app security queries. Image
 


Don
CISSP, MCSE, CSTA, Security+ SME
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Mon Jun 01, 2009 12:34 pm

Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians

Great article Jason!  Who exactly said that pen testing is declining (dead)?

I met Kevin last month at a local ISSA meeting he was presenting at on the basics of Incident Handling.  Very engaging speaker.  I would not miss the opportunity to hear him speak again!
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Mon Jun 01, 2009 5:59 pm

Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians

Well he will be presenting his socialbutterfly tool at Defcon so dont miss it!

That question was loosely based on some statements of a certain OWASP supporter, who i will not name. He said network pentesting is dying, and webapp is the way of the future. I thought it pertinent enough bring up as I've heard others have comments which go along with that belief. Very untrue but wanted Kevin's input.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 02, 2009 2:49 am

Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians

I think too that the main part will become webapp pentesting but surely network pentesting won't die out. Maybe the whole webapp security will become a litte less important after a later future when the boom is over.

But I am pretty sure that webapp security will be at least for the next time the bigger market for penetration testers.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Tue Jun 02, 2009 10:49 am

Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians

Wow, just got time to read this interview. Great work Jason, always interesting to hear what Kevin and the rest of the inGuardians team are up to.

Unfortunately I normally end up with a large list of new tools I want to investigate in more depth....
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Jul 20, 2009 3:19 pm

Re: [Article]-Interview: Kevin Johnson of SANS, InGuardians

CISSP, MCSE, CSTA, Security+ SME

Return to /root

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software