Moses Frost
Senior InstructorSolutions Consultant at Palo Alto Networks
Specialities
Cloud Security, Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC588: Cloud Penetration Testing
SEC588Offensive Operations
- GIAC Cloud Penetration Tester (GCPN)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 27 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 5
Containers Workshop: How They Work and How To Assess Them
Our containers workshop will be a two-hour workshop that will focus on how we can assess vulnerabilities in containers. As containers are part of the modern software stack, your company may use containers locally on a system and remotely on servers. Containers can be deployed on stand-alone servers, to a container service like AWS ECS, and on orchestration technologies like Kubernetes. Given how ubiquitous containers are, you will likely either be working with or attacking them at some point in your career.
WebinarCyber Defense
- 29 Jun 2023
- 12:00 UTC
- Moses Frost
- Slide 2 of 5
Attacking User Identities
Identities are the foundational cornerstone of many environments. Identity is typically the front door for web, infrastructure portals, and VPN services. Most organizations should implement additional countermeasures to prevent attackers from breaking into an organization. The perimeter of many environments is de-facto users’ identities. How you protect those identities is critical. Understanding how to attack identities is crucial for those who emulate attack groups.
WebinarOffensive Operations
- 1 Dec 2023
- 15:00 UTC
- Moses Frost
- Slide 3 of 5
Making Mistakes Publicly: Cloud Edition – Aviata Solo Flight Challenge Chapter 1
Public Cloud Environments can make things, well, rather public. While there are ways to prevent this, and the cloud providers have made strides, retroactive changes are not a thing. As such, we still find very poorly configured environments today.
WebinarCloud Security
- 16 Apr 2024
- 10:00 UTC
- Moses Frost
- Slide 4 of 5
Spring Cyber Solutions Fest 2024: DevSecOps & Application Security Track
The idea of DevSecOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year. If we think of what we had to work with in 2009, we now know in hindsight that we have better options, solutions, software, and patterns. We have an iPhone 15; we no longer have BlackBerry OS or Nokia. Windows 8.1? I hope not.Here are a few questions we will be reviewing during this solutions track:- How has DevSecOps and Application Security changed since then?- Where do we fit in?- Should we be more or less hopeful?We think we are in a much better place and in this forum, we will show you how it’s become better. Join the 5th annual DevSecOps & Application Security Track to listen to a curated list of talks to help stimulate thought and actionable solutions for you to implement in your organization.Forum Highlights: Discover how industry leading technologies and techniques can your ability to better secure you development and application environments Learn from industry leaders as they dive into cutting-edge use case studies and specific examplesInteract with the SANS chair Moses Frost, speakers and peers in the interactive Slack workspace by posting questions and discussing the forum topic
WebinarCloud Security- 19 Apr 2024
- 10:00 UTC
- Moses Frost, Jim Armstrong, Tim Chase + 2 more
- Slide 5 of 5
Do You Think You're Ready to Attack the Cloud? Unlock the Secrets of Cloud Penetration Testing!
As a penetration tester, you may be well-versed in your go-to tips, tricks, and tactics for on-premises systems. But what happens when you're tasked with testing new and complex environments like AWS, Azure, Container Workloads, or Kubernetes?
WebinarCyber Defense
- 5 Jul 2024
- 16:30 IST
- Moses Frost