All posts tagged isecom

Do Reverse Proxies provide real security?

OSSTMM

Have you ever questioned the security best practices?

In the process of building / designing the infrastructure for a new project the following question was asked: “shouldn’t we use a reverse proxy to secure or protect the web servers?” Of course the first question I asked myself is “do reverse proxies provide real security?” or is this a best / common practice that has been adopted without foundation? Keep Reading →

ISECOM TtT

I managed to get a few days away from the day job to attend the ISECOM Train the Trainer event in Barcelona (27-29 May) and it was really a great experience.  Being that the event was for the certified or to be certified trainer crowd it was pretty intense and at the end of the last day my brain was jello.

Jello Brain

Jello Brain

It was great to finally meet Pete Herzog, who I had the pleasure of working with before on the Hacking Expossed book.  I also got time to meet some of other European trainers, and it’s a good batch  😉

I got to take the OPSA and OPST exams, the results should be due any time now.  I really liked the format of both cert exams: hands on!  For the OPST you have to shoot at a couple of live test systems to complete the results you need, and for the OPSA there is a little theory on the OSSTM, some shooting to be done but most of all analysis (hence the A in OPSA).  I fried my brain on the last question, I didn’t notice at the begining that it was a packet dump that needed to be analyzed.  So after 8 hours of class the 2.5h I took to complete the exam were the last effort.

For those of you who have no idea of what I’m talking about, you can find information on the OSSTM at http://www.isecom.org/