Jason Ostrom
Certified InstructorFounder and Principal Consultant at Stora Information Security
Specialities
Offensive Operations, Cloud Security
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC598: Security Automation for Offense, Defense, and Cloud
SEC598Offensive Operations
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 23 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 3
SANS Workshop – Building an Azure Pentest Lab for Red Teams
In this SANS Workshop, you will learn how to use Infrastructure as Code and open-source tools to automatically create an Azure Active Directory security lab which can be used for your own security simulations and use cases. After automatically creating Azure AD users, Applications, and RBAC role assignments, participants will have hands-on exercises to perform reconnaissance and a specific attack pathway that abuses mis-configured roles and permissions.
WebinarCloud Security
- 11 Aug 2022
- 11:00 UTC
- Jason Ostrom & Aaron Cure
- Slide 2 of 3
SANS Pen Test Austin 2023: Workshop - Building Azure Security Labs using Terraform
The increased importance of the cloud and identity is not lost on attackers. To simulate adversary tradecraft, Red teams must be able to evolve offensive techniques against cloud identity systems. Cloud defenders must adapt quickly to understand these same attacks and instrument defenses. In this SANS Workshop, students will be introduced to the PurpleCloud open-source Azure lab creation tool. Students will learn how to use Terraform to automatically create an Azure Active Directory security lab which can be used for your own security simulations. After automatically creating Azure AD users, Applications, and RBAC role assignments, participants will have hands-on exercises to perform reconnaissance and a specific attack pathway that abuses mis-configured roles and permissions. This workshop is intended for Cloud Architects, Security Engineers, Penetration Testers, Defenders, and anyone looking to learn a little more Azure and Terraform. Prerequisites: • An active Azure subscription (https://portal.azure.com) • An Azure account with Global Administrator permissions Prior to the workshop: 1. Download the Building Azure Security Labs using Terraform virtual machine. Double-click on the OVA file to import the VM with VMware. Boot the VM after import, then login with the username sec588 and the password slingshot. https://sansurl.com/building-azure-labsPassword: jaJDY8hu44b32. Launch Firefox browser and navigate to home (it should auto-launch). 3. Follow the lab 0 instructions to ensure that you have an Azure account and active subscription.4. The Workshop instructions are also available at https://lab.purplecloud.network with the following credentials sec588:sec588 Please note – we will not be able to troubleshoot or support local VM issues or Azure account subscription issues. It is highly encouraged that you download and verify login to the VM before the workshop and that you follow all steps in lab 0 for Azure account and subscription setup. System Requirements: • VMware to launch a customized Slingshot Linux distribution (VMware Workstation Pro, VMware Workstation Player, or VMware Fusion for macOS; trial versions of all three are available, and VMware Workstation Player is available for free for non-commercial use. • 30 GB free hard drive space • At least 8 GB RAM
WebinarCyber Defense
- 19 Apr 2023
- 20:15 UTC
- Jason Ostrom
- Slide 3 of 3
Mastering Adversary Emulation with Caldera: A Practical Guide
Adversary emulation stands as an indispensable cornerstone in the cybersecurity domain, empowering organizations to proactively evaluate and bolster their defensive capabilities against real-world threats. In this presentation, we delve into the practical application of adversary emulation, leveraging the robust Caldera open-source platform. This demonstration serves as a preview of one of the engaging labs featured in our cutting-edge course, SEC598: Security Automation for Offense, Defense, and Cloud.
WebinarCyber Defense
- 31 Jan 2024
- 11:00 UTC
- Jeroen Vandeleur & Jason Ostrom