Senior Security Consultant
With over 10 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500, specializing in Active Directory and .Net/database development.
Education & Certifications
Offensive Security Certified Professional (OSCP), CISSP
Jason is a regular speaker at information security conferences such as DerbyCon and CypherCon, and has released multiple offensive and defensive open source tools.
Passion for Security
While Jason truly enjoys contributing to the infosec community through both public speaking and the development of new tools, his passion manifests itself in helping clients make changes to their systems (and people) in ways that truly improve their security posture. Oh, and shells, he loves getting shellz too. =)
Recent Blog Posts
A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action that allows the engagement to proceed and deliver maximum value to the organization? These can be difficult questions to answer, but ones that companies procuring these tests...
NOTE: On October 17th, 2018 Oracle released a patch for this vulnerability as several others: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html There are times when finding a 0day in a major-branded product like Oracle takes months of research, and there are times when it just jumps off the screen and you think to yourself, ‘There’s no possible way that is...