Jason Lang

Senior Security Consultant

Experience

With over 10 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500, specializing in Active Directory and .Net/database development.

Education & Certifications

Offensive Security Certified Professional (OSCP), CISSP

Professional Affiliations

Jason is a regular speaker at information security conferences such as DerbyCon and CypherCon, and has released multiple offensive and defensive open source tools.

Passion for Security

While Jason truly enjoys contributing to the infosec community through both public speaking and the development of new tools, his passion manifests itself in helping clients make changes to their systems (and people) in ways that truly improve their security posture. Oh, and shells, he loves getting shellz too. =)

Recent Blog Posts

The Updated Security Pro’s Guide to MDM, MAM, and BYOD

By Kelsey Segrue
In Application Security Assessment
Bring your own device (BYOD) is an accepted convention, most commonly for mobile devices, in corporate environments. Even company-owned devices are treated by employees as personal devices and are often incorporated into the environment in the same way that employee-owned devices are. Our job in information security is to ensure that the business initiatives like...
Read

Thycotic Secret Server: Offline Decryption Methodology

By Jason Lang
In Application Security Assessment, Penetration Testing, Red Team Adversarial Attack Simulation, Security Testing & Analysis
On offensive engagements, we frequently encounter centralized internal password managers that are used by various departments to store incredibly sensitive account information, such as Domain Admin accounts, API keys, credit card data, the works. It used to be that these systems were implemented without multi-factor authentication. “Hacking” them was as simple as finding somebody that...
Read

Automating a RedELK Deployment Using Ansible

By Jason Lang
In Red Team Adversarial Attack Simulation
As the red team infrastructure needs continue to expand (and grow more complicated), so does the need for infrastructure automation. Red teams are adopting DevOps to improve the speed at which their infrastructure is deployed, hence the rise in usage of tools such as Terraform and Ansible for red teams. In this post, we will...
Read
View all posts from Jason
Jason Lang

Want to work with Jason Lang or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us