Tactical security ops

Professionally Evil Training Event: Multiple classes being offered in Orlando FL April 6-9 2015

Secure Ideas is very excited to announce their training event for April.  We have worked with the Core Group and TrustedSec to create an event that covers a wide variety of training needs. The event is April 6-9th 2015 and will be held at the Palms International Resort. We are in the process of getting …

Professionally Evil Training Event: Multiple classes being offered in Orlando FL April 6-9 2015 Read More »

Webcast: Defending Against Web App Attacks Using ModSecurity

Later this month I will be presenting a free webcast on ModSecurity and how we can make better use of it.  This is going to be very close to the presentation that I gave at MIRcon 2013.  Some of the ideas that we’ll cover are from what we’ve been calling Tactical Security Ops.  In this …

Webcast: Defending Against Web App Attacks Using ModSecurity Read More »

Creating SSL Certificate Requests Using Certreq.exe and Enable LDAPS

This post picks up on my last about creating and authorizing an internal certificate authority.  We are going to shift gears a bit and start looking at how to use this newfound infrastructure.  There are tons of tutorials online about how to create a certificate signing request (CSR) using IIS on Windows.  However, there are …

Creating SSL Certificate Requests Using Certreq.exe and Enable LDAPS Read More »

SSL Certificates: Setting Up and Authorizing the Internal Certificate Authority

In this post, I wanted to give something directly to the Blue Teams out there.  I also thought I would call us out a bit for sending mixed messages to our users.  All too often we find internal websites using invalid SSL certificates when we are on an engagement.  Almost every user awareness document or …

SSL Certificates: Setting Up and Authorizing the Internal Certificate Authority Read More »

Tactical Security Ops at Black Hat 2013

Kevin Johnson and John Strand recently gave a presentation at RSA 2013 titled “Tactical Sec Ops: A Guide to Precision Security Operations.”  Not surprisingly, this has been something that we’ve been talking quite a bit about internally.  So much so that Secure Ideas will be teaching Tactical Security Ops at Black Hat USA.  We initially …

Tactical Security Ops at Black Hat 2013 Read More »

Scroll to Top