jason_wood

Announcing Tactical Sec Ops: Cloud Edition Online

2016 is shaping up to be an interesting and exciting time at Secure Ideas. We have always done training in one form or another. Many of you may have first heard of Secure Ideas through the training that we have done for organizations such as SANS, DerbyCon, Blackhat, OWASP, MISTI, Princeton University, Columbia University, and …

Announcing Tactical Sec Ops: Cloud Edition OnlineRead More »

Reading (Slogging) Through the 2015 Verizon DBIR

When the first data breach investigations report was released by Verizon in 2008, I remember thinking how awesome it was to get some actual data about security incidents and to see someone sharing this type of information.  At the time I was a systems administrator who had also become “the security guy” at my employer. …

Reading (Slogging) Through the 2015 Verizon DBIRRead More »

All Your Base Are Belong to #HeartBleed – OpenSSL Heartbeat Overflow

What You Need to Know and Do About It Unless you’ve been hiding under a rock, I’m sure you have heard about the overflow vulnerability in OpenSSL’s heartbeat extension.  All today I watched my Twitter feed talk back and forth about this vulnerability and its impact.  In fact, as I write this post a search …

All Your Base Are Belong to #HeartBleed – OpenSSL Heartbeat OverflowRead More »

Professionally Evil Speaking: Two Free Events in Salt Lake City, UT and Ogden, UT

These are a couple of local events for all you folks in the Salt Lake City, Ogden and Provo areas. Kevin Johnson will be speaking at two events on February 19th.  Both are free events! Addressing the Real Issues Around Compliance in the Cloud Panel Secure Ideas is excited to announce that Kevin Johnson will …

Professionally Evil Speaking: Two Free Events in Salt Lake City, UT and Ogden, UTRead More »

Webcast: Defending Against Web App Attacks Using ModSecurity

Later this month I will be presenting a free webcast on ModSecurity and how we can make better use of it.  This is going to be very close to the presentation that I gave at MIRcon 2013.  Some of the ideas that we’ll cover are from what we’ve been calling Tactical Security Ops.  In this …

Webcast: Defending Against Web App Attacks Using ModSecurityRead More »

MIRcon 2013 – Analyzing Web Attacks with ModSecurity

Last week I was able speak at MIRcon 2013 about how to use ModSecurity to discover attack activity and defend your environment.  The presentation started out by discussing a fair bit of background information on ModSecurity and how it works.  This was really important since ModSecurity can get a bit involved when setting it up. …

MIRcon 2013 – Analyzing Web Attacks with ModSecurityRead More »

Analyzing Web App Attacks Using ModSecurity at MIRcon 2013

I’m extremely excited to announce that I will be speaking at MIRcon2013 on ModSecurity!  The presentation’s goal is to help systems administrators, incident responders, and security analysts better manage and run an installation of ModSecurity.  Here is the synopsis from the presentation. Any publicly available web server and site is under attack on a regular …

Analyzing Web App Attacks Using ModSecurity at MIRcon 2013Read More »

Scroll to Top