Ramble

Oct 20, 2019 Education

CTFs, Bug Bounties, and Accidental Vulnerability Discovery

Teaching offensive cybersecurity techniques builds better defenders. While I’ve discussed this before (like in this post), this vulnerability disclosure is a great vignette for highlighting why teaching offensive cybersecurity techniques are so important for building defensive cybersecurity professionals as well as why bug bounty programs are so critical for improving the defensive posture of your systems.

Jun 20, 2019 Training

Tips for success in PWK (OSCP)

So I have spent several years now working with students taking Offensive Security’s Penetration Testing with Kali Linux (PWK) - the preparatory course for the Offensive Security Certified Professional (OSCP), and I decided it was finally time to write a post on how to get the most out of your lab time.

Jun 10, 2019 Presentations

CISSE 2019 Resources

Welcome CISSE 2019. In this post, you can find my slides as well as a draft copy of the CISSE19 paper.

Apr 26, 2019 Presentations

BSides KC

Welcome BSidesKC. I attended and spoke this year at BSidesKC. This post discusses the [awesome] conference and provides the materials, including a video, of my talk.

Feb 8, 2019 Education

Why we should teach Offensive Cybersecurity (Hacking), First

This post presents an argument for starting any cybersecurity education program with the offensive techniques, even when the purpose of the training is to build defensive cybersecurity professionals.