EXPERIENCE
With over 15 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500 company, specializing in Active Directory and .Net/database development. After several years of penetration testing and red teaming, he now manages the Targeted Operations practice at TrustedSec.
EDUCATION & CERTIFICATIONS
- Offensive Security Certified Professional (OSCP)
- Offensive Security Experienced Professional (OSEP)
PASSION FOR SECURITY
While Jason truly enjoys contributing to the InfoSec community through both public speaking and the development of new tools, his passion manifests itself in helping clients make changes to their systems (and people) in ways that truly improve their security posture. Oh, and shellz, he loves getting shellz too.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Assumed Breach 101: Planning your next offensive engagement
Join Targeted Operations Practice Lead Jason Lang for this one-hour webinar about planning your next offensive engagement.
Navigating the “Penetration Testing” Landscape
Join renowned Targeted Operations experts Melvin Langvik, Senior Security Consultant, and Jason Lang, Practice Lead, who will discuss the objectives and the…
Putting the team in red team
One of the more common questions we receive during a red team scoping call or RFP Q&A call is, how many dedicated consultants will be involved in the…
A Career in IT: Where Do I Start?
It is, by far, the most frequent question I get asked: How do I get started in IT/InfoSec? So many seem interested in the field of computers, system…
Are You Ready for a Red Team?!
Join renowned experts Justin Elze, Director of Innovation, Research and Advanced Testing, and Jason Lang, Senior Security Consultant, who will discuss the…
Weaponizing Group Policy Objects Access
Recently, I was on an engagement where I discovered I had plaintext credentials to an account that could modify Active Directory Group Policy Objects (GPOs).…
Thycotic Secret Server: Offline Decryption Methodology
On offensive engagements, we frequently encounter centralized internal password managers that are used by various departments to store incredibly sensitive…
Automating a RedELK Deployment Using Ansible
As the red team infrastructure needs continue to expand (and grow more complicated), so does the need for infrastructure automation. Red teams are adopting…
Generating SSH Config Files with Ansible
If you like to stand up infrastructure in the cloud using Ansible (like we do), one of the pain points can be getting the new instance IP addresses configured…
Red Team Engagement Guide: How an Organization Should React
A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
