Team Lead, Targeted Operations
With over 10 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500, specializing in Active Directory and .Net/database development.
Education & Certifications
Offensive Security Certified Professional (OSCP), CISSP
Jason is a regular speaker at information security conferences such as DerbyCon and CypherCon, and has released multiple offensive and defensive open source tools.
Passion for Security
While Jason truly enjoys contributing to the infosec community through both public speaking and the development of new tools, his passion manifests itself in helping clients make changes to their systems (and people) in ways that truly improve their security posture. Oh, and shells, he loves getting shellz too. =)
Recent Blog Posts
Original post: https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/ Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are they occurring? While common issues are often leveraged, the mentality around them is...
It is, by far, the most frequent question I get asked: How do I get started in IT/InfoSec? So many seem interested in the field of computers, system administration, networking, or information security but have no idea where to start, which can be a frustrating place to be. This blog post is for all of...
Reporting is an essential piece of the penetration testing puzzle. It’s the product your client will be reviewing within their organization, representing you and your company to those you may not have worked with directly. With that in mind, it’s important that your product, the report, strikes a balance between professional tone and cold facts....
Recorded on October 21st, 2020 Understanding the real-world effectiveness of your security controls is a crucial element in constructing a robust security posture. Red Team engagements (or “Adversarial Attack Simulations” as they’re known at TrustedSec) are extended, goal-oriented engagements using...