Context Security

Recent Posts

• Maybe those DLP $$$/record breached stats aren’t so far off…
• 25% off SANS SEC401 vLive format (offer ends 1/8)
• Quick synopsis of Cybersecurity Act of 2009
• 20% Off All SANS OnDemand Classes
• w3af Technical Segment on PaulDotCom Tonight

Bio

• Seth Misenar’s Interview with Stephen Northcutt
• Seth Misenar’s LinkedIn Page
• Seth Misenar’s SANS GIAC Certifications
• Seth Misenar’s Twitter Feed

SANS

• …additional teaching details
• Community SANS
• SANS OnDemand
• SANS vLive

SANS Teaching

• …additional teaching details

Tags

Context Security

• Maybe those DLP $$$/record breached stats aren’t so far off… 09/03/2010
  I have often scoffed at some of the numbers used to cost justify Data Leakage Prevention (DLP) purchases.  While I agree there is a pretty serious need for redoubled efforts at preventing (and moreover detecting) sensitive data leaving an organization’s control, I haven’t found myself persuaded by most of the “studies” that show crazy […]
  seth
• 25% off SANS SEC401 vLive format (offer ends 1/8) 09/03/2010
  Just wanted to let everyone know that SANS has provided me with a 25% discount code for the upcoming vLive class that I will be co-teaching with Dr. Eric Cole. The code to be used is: IN401 Here is the link to the class particulars: http://www.sans.org/info/52819 If you aren’t already familiar, the vlive format is an online delivery [...] […]
  seth
• Quick synopsis of Cybersecurity Act of 2009 09/03/2010
  Just wanted to let everyone know that Stephen Northcutt has a quick section by section 1-3 sentence review of the Cybersecurity Act of 2009 legislation (a.k.a Rockefeller-Snowe Bill) that was recently proposed. http://www.sans.edu/resources/musings/1439.php I just got my hands on a copy of the bill, and am gonna try to read through it while waiting at the do […]
  seth
• 20% Off All SANS OnDemand Classes 09/03/2010
  Received an email this morning notifying me that SANS OnDemand is running a special for the month of March.  20% off of any SANS OnDemand class.  As an added bonus, you could have me as your OnDemand Virtual Mentor (ODVM) Please feel free to leave a comment or email me at seth combined with [...] […]
  seth
• w3af Technical Segment on PaulDotCom Tonight 09/03/2010
  Just wanted to let you all know that I will be a guest on the PaulDotcom Security Weekly podcast tonight.  I will be leading a technical segment on w3af, which is a very nifty free/open source tool for web application scanning/exploitation.  Should be loads of fun! The live stream should go up around 1845 EDT with [...] […]
  seth
• SANS Protecting Your Web Apps 09/03/2010
  SANS Protecting Your Web Apps: Two Big Mistakes and 12 Practical Tips to Avoid Them Not sure when this was released, but I am sure that it was pretty recently.  From the title I wasn’t really expecting much, but was pleasantly surprised by the clarity with which the tips were explained.  Frank Kim and Ed Skoudis [...] […]
  seth
• SANS 542 Webcast: Build Your Own Army of Darkness: XSS Frameworks for Zombies and Profit 09/03/2010
  Below is information regarding a webcast I will be leading for SANS on 03/18/2009 at 10 AM EST.  Should be fun. Build Your Own Army of Darkness: XSS Frameworks for Zombies and Profit Featuring: Seth Misenar In this preview to the newly updated SEC542 Web Application Penetration Testing course being offered in Amsterdam, you will learn how build [...] […]
  seth
• SANS/Ed Skoudis Releases 3 Pen Testing Cheat Sheets 09/03/2010
  Thought some of you might be interested… Ed Skoudis (of InGuardians and SANS 504/517/560 fame) twitted about the release of 3 new cheat sheets this morning.  The sheets are hosted on SANS website and links to them can be found on InGuardians (http://www.inguardians.com/pubs/articles.html). Here is the description from InGuardians: “Ed Skoudis rel […]
  seth
• Associative Wordlist Generator (AWLG.org) 09/03/2010
  Stumbled upon AWLG over at Darknet: http://www.darknet.org.uk/2009/01/the-associative-word-list-generator-awlg-create-related-wordlists-for-password-cracking/ This seems to follow nicely with the previous post referencing, CeWL.  Also dovetails nicely with me currently listening to Day 4: Password Attacks of SANS 560: Network Penetration Testing and Ethical […]
  seth
• SANS Training 25% off discount extended 09/03/2010
  Full disclosure: I serve as a Technical Director and Virtual Mentor for SANS OnDemand (as well as Community SANS Instructor in general). SANS OnDemand online training has extended the 25% off discount promotion that was being run at the end of 2008.  This is one of the steepest discounts I’ve seen for SANS training of any [...] […]
  seth