hero image
Jerod Brennen - Brennen Consulting. South Charleston, OH, US

Jerod Brennen

Founder and Principal Consultant | Brennen Consulting

South Charleston, OH, UNITED STATES

I help clients protect their businesses by building effective, efficient, forward-thinking cybersecurity programs.

Media

Publications:

Documents:

Hacking Identity: A Pen Tester's Guide to IAM What you need to know about OSINT Implementing an Effective Third Party Risk Management Program Common Sense Security Framework Information Security Management 101

Photos:

Videos:

Audio/Podcasts:

Social

Biography

By day, I'm a strategic advisor, virtual CISO, public speaker, & storyteller.

By night, I'm a husband, father, writer, filmmaker, martial artist, musician, and gamer. I've earned every gray hair in my beard, having spent my career serving as a cybersecurity leader in public utilities, retail, higher education, consulting, and technology.

I love to share what I've learned over the years every chance I get: at local and regional professional meetings, at larger conferences, and online via blogs and podcasts. I've published multiple online information security courses with Pluralsight and LinkedIn Learning, and I teach courses in person, both domestically and internationally.

I bring a unique combination of perspective and experience to the table when helping organizations improve their cybersecurity programs, and I'd love to help you make those same improvements, focusing on the business value of an effective, efficient, forward-thinking cybersecurity program.

At the end of the day, I just want to help folks get one step closer to doing what they want to do securely.

Industry Expertise (3)

Security

Computer/Network Security

Information Technology and Services

Areas of Expertise (4)

Cyber Security

Information Security

Identity and Access Management

Web Application Security

Education (2)

Franklin University: Post-Secondary Study, Computer Science

Capital University: Bachelor of Music, Music Education

Affiliations (2)

  • ISSA
  • (ISC)2

Languages (1)

  • English

Media Appearances (3)

Experts give advice on how to prevent baby monitor hacking

10TV  tv

2019-07-15

Interviewed regarding security advice for consumer-based technology

Media Appearance Image

view more

What it takes to be a security architect

CSO Online  online

2019-06-10

While the path to security architect varies, anyone considering the role should have a passion for IT infrastructure and protecting data.

view more

A Practical Approach to OSINT Gathering

PenTest Magazine  print

2019-09-01

Social engineering is (and will continue to be) an excellent technique to use during your pentests. If social engineering attacks are in-scope, then knowing the names and titles of your targets will help you craft more effective phishing campaigns. If social engineering isn’t in-scope, you can still use this OSINT to collect valid email addresses (for login usernames), to build out possible password lists, and to answer secret questions in password management portals.

PenTest Magazine Cover

view more

Event Appearances (205)

Enterprise Log Management

Central Ohio InfoSec Forum  Columbus, OH

2006-05-17

Sustainable PCI Compliance

Central Ohio InfoSec Summit  Columbus, OH

2008-05-13

How to Pwn the Data Center

Ohio Information Security Conference  Dayton, OH

2009-03-12

The Impact of PCI 2.0

Ohio Information Security Conference  Dayton, OH

2011-02-09

Security Outlook: The Next Five Years

Technology First Landscape  Dayton, OH

2011-05-11

Yes You Can: Securing the Mobile Enterprise

Central Ohio InfoSec Summit  Columbus, OH

2011-05-12

How to Securely Deploy and Manage Mobile Devices

Central Ohio ISACA Meeting  Columbus, OH

2011-05-19

How to Securely Deploy and Manage Mobile Devices

Mountaineer ISSA Meeting  Morgantown, WV

2011-07-12

Application Security 101: Back to the Basics

BrightTalk  online

2011-08-23

DDoS Attack Preparation and Mitigation

Ohio Information Security Forum  Dayton, OH

2011-09-08

How to Securely Deploy and Manage Mobile Devices

(ISC)2 Security Congress  Orlando, FL

2011-09-19

How to Securely Deploy and Manage Mobile Devices

Mobile & Smart Device Security Conference  Atlanta, GA

2011-10-04

Identity and Access Management 101

Central Ohio ISSA Meeting  Columbus, OH

2011-10-19

How to Securely Deploy and Manage Mobile Devices

BrightTalk  online

2011-10-27

How to Securely Deploy and Manage Mobile Devices

MDECA Meeting  Dayton, OH

2011-10-27

Application Security 101: Back to the Basics

Central Ohio ISACA Meeting  Columbus, OH

2011-11-10

The Impact of PCI 2.0

BrightTalk  online

2011-12-01

Bridging the Social Media Implementation / Audit Gap

Pittsburgh ISACA Meeting  Pittsburgh, PA

2011-12-05

Everything You Need to Know About PCI

CASE V Regional Conference  Chicago, IL

2011-12-11

Managing Mobile Risks

BrightTalk  online

2012-02-28

Identity and Access Management 101

Greater Cincinnati ISSA Meeting  Cincinnati, OH

2012-03-21

Mobile Device Security Workshop (full day)

InfoSec World Security Conference  Orlando, FL

2012-04-01

Security Architecture

Central Ohio ISSA, CISSP Preparation Class  Columbus, OH

2012-05-01

Mobile Security Panel Discussion

Central Ohio ISACA Meeting  Columbus, OH

2012-05-10

Information Security Management 101: The Fundamentals

Central Ohio InfoSec Summit  Columbus, OH

2012-05-18

Mobile Threats

The Ohio State University Security Working Group Meeting  Columbus, OH

2012-05-21

Defending Mobile Applications

Central Ohio OWASP Meeting  Columbus, OH

2012-06-14

Consumerization Panel

TechTomorrow  Columbus, OH

2012-09-26

DDoS Attack Preparation and Mitigation

GrrCON  Grand Rapids, MI

2012-09-28

Defending Mobile Applications

M3 Conference  Columbus, OH

2012-10-26

Mobile Device Security Workshop (full day)

Mobile & Smart Device Security Conference  Scottsdale, AZ

2012-10-29

Conducting a Risk Assessment for Mobile Devices

Mobile & Smart Device Security Conference  Scottsdale, AZ

2012-10-30

Information Security Management 101: The Fundamentals

Central Indiana ISSA Meeting  Indianapolis, IN

2013-01-12

Information Security Management 101: The Fundamentals

Greater Cincinnati ISSA Meeting  Cincinnati, OH

2013-02-20

Information Security Management 101: The Fundamentals

Ohio Information Security Conference  Dayton, OH

2013-03-13

Information Security Management 101: The Fundamentals

Ohio Information Security Forum  Dayton, OH

2013-03-14

Information Security Management 101: The Fundamentals

Northeast Ohio ISSA Meeting  Garfield Heights, OH

2013-04-11

Security Project Management Workshop (full day)

InfoSec World Security Conference  Orlando, FL

2013-04-06

Mobile Device Security Workshop (full day)

InfoSec World Security Conference  Orlando, FL

2013-04-07

Information Security Management 101: The Fundamentals

InfoSec World Security Conference  Orlando, FL

2013-04-08

Attacking (and Defending) Mobile Devices

Central Ohio ISSA Meeting  Columbus, OH

2013-04-17

Mitigating the Risks of BYOD

Central Ohio InfoSec Summit  Columbus, OH

2013-05-02

Information Security Management 101: The Fundamentals

Central Ohio ISACA Meeting  Columbus, OH

2013-05-09

Information Security Management 101: The Fundamentals

Secure360 Conference  Saint Paul, MN

2013-05-15

Auditing Mobile Devices

InSPN Meeting  Indianapolis, IN

2013-08-08

Information Security Management 101: The Fundamentals

Hacker Hotshots  online

2013-08-20

Attacking and Defending Mobile Applications

M3 Conference  Columbus, OH

2013-10-25

Common Sense Security Framework

BSides Columbus  Columbus, OH

2015-01-19

Running Your Apps Through the Gauntlt

Columbus OWASP  Columbus, OH

2016-01-28

What You Need to Know About OSINT

Central Ohio InfoSec Summit  Columbus, OH

2016-03-30

Implementing an Effective Third Party Risk Management Program (Workshop)

Cloud Security World  Boston, MA

2016-06-16

Implementing an Effective Third Party Risk Management Program

Central Ohio InfoSec Summit  Columbus, OH

2017-04-21

Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF)

Central Ohio ISSA  Columbus, OH

2017-05-17

A Common Sense Approach to Information Security

Cybersecurity Leadership Forum  Columbus, OH

2017-09-28

Cyber Security: Assuring Resilience in a World of Cyber Crime

11th Annual Nonprofit Perspectives  Columbus, OH

2017-10-25

Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF)

GrrCON  Grand Rapids, MI

2017-10-26

Managing the Risk of Smart Technologies

16th Annual Information Assurance Forum  Findlay, OH

2017-11-01

Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF)

Information Security Summit  Independence, OH

2017-11-02

Automating Security Testing with the OWTF

CodeMash  Sandusky, OH

2018-01-11

Implementing an Effective Vulnerability Management Program

Central Ohio ISSA Meeting  Columbus, OH

2018-01-17

Automating Security Testing with the OWTF

Central Ohio OWASP Meeting  Columbus, OH

2018-01-25

Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF)

Ohio Information Security Conference  Dayton, OH

2018-02-07

Automating Security Testing with the OWTF

BSides Columbus  Columbus, OH

2018-03-02

Open Source Intelligence (OSINT) Gathering Workshop

InfoSec World  Orlando, FL

2018-03-17

Developing a Cybersecurity Strategy

2018 Risk & Cybersecurity Summit  Toledo, OH

2018-03-21

Simplifying Cybersecurity

FFIEC Supervisory Updates and Emerging Issues for Large, Complex Financial Institutions  Arlington, VA

2018-04-04

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Columbus, OH

2018-04-26

Hacking Identity: A Pentester's Guide to IAM

Converge  Detroit, MI

2018-05-11

Hacking Identity: A Pentester's Guide to IAM

BSides Cincinnati  Cincinnati, OH

2018-05-12

Automating Security Testing with the OWTF

Central Ohio InfoSec Summit  Columbus, OH

2018-05-15

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Lyndhurst, OH

2018-05-24

Hacking Identity: A Pentester's Guide to IAM

Central Ohio ISSA  Columbus, OH

2018-06-20

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Cincinnati, OH

2018-06-21

Hacking Identity: A Pentester's Guide to IAM

BSides Cleveland  Cleveland, OH

2018-06-23

Hacking Identity: A Pentester's Guide to IAM

Ohio Information Security Forum (OISF) Anniversary Conference  Dayton, OH

2018-07-14

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Southfield, MI

2018-07-26

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Beavercreek, OH

2018-08-30

Hacking Identity: A Pen Tester's Guide to IAM

InfoSec Nashville  Nashville, TN

2018-09-07

Hacking Identity: A Pen Tester's Guide to IAM

Pittsburgh ISSA Chapter Meeting  Pittsburgh, PA

2018-09-11

Hacking Identity: A Pen Tester's Guide to IAM

NeoISSA Chapter Meeting  Brecksville, OH

2018-09-13

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Columbus, OH

2018-09-26

A Common Sense Approach to Information Security

Northwest Arkansas ISACA/IIA Training Symposium  Bentonville, AR

2018-09-27

A Tour Behind the Dark Curtain: Your Identity in the Dark Web

Ohio State University Cybersecurity Day  Columbus, OH

2018-10-02

Hacking Identity: A Pen Tester's Guide to IAM

INTERFACE-Alabama  Birmingham, AL

2018-10-04

Hacking Identity: A Pen Tester's Guide to IAM

Three Rivers Information Security Symposium  Monroeville, PA

2018-10-19

Simplifying Cybersecurity

FFIEC Supervisory Updates and Emerging Issues for Large, Complex Financial Institutions  Arlington, VA

2018-10-24

Hacking Identity: A Pen Tester's Guide to IAM

Information Security Summit  Cleveland, OH

2018-10-26

Hacking Identity: How Attackers Really Operate

Midwest Healthcare and Public Health Summit  Hebron, KY

2018-11-05

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Birmingham, MI

2018-11-08

Zen and the Art of Cybersecurity

Data Connectors  Nashville, TN

2018-11-15

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Toledo, OH

2018-12-14

Simplifying Cybersecurity

North Carolina Office of the Commissioner of Banks - Professional Development Seminar  Raleight, NC

2019-01-11

The Path to IAM Maturity

Data Connectors  Columbus, Ohio

2019-01-17

Hacking Identity: A Pentester's Guide to IAM

Kentuckiana ISACA  Louisville, KY

2019-01-18

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Columbus, Ohio

2019-01-24

Hacking Identity: A Pentester's Guide to IAM

Data Connectors  Indianapolis, IN

2019-02-14

What I Wish I Knew Then: Distilling Decades of InfoSec Experience

Central Ohio ISSA  Columbus, OH

2019-02-20

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Lyndhurst, OH

2019-02-21

The Path to IAM Maturity

BSides Columbus  Columbus, OH

2019-03-01

The Path to IAM Maturity

Ohio Information Security Conference  Dayton, OH

2019-03-13

The Path to IAM Maturity

Northwest Ohio ISSA Meeting  Toledo, OH

2019-03-20

Securing Mobile Devices and Mobile Applications

Infosec World  Orlando, FL

2019-03-31

If You Train Them...

The Ohio State University - Guest Lecturer  Columbus, Oh

2019-04-02

The Path to IAM Maturity

HIMSS – Kentucky Bluegrass Chapter  Florence, IN

2019-04-04

The Path to IAM Maturity

Northern Ohio InfoSec Awareness Day  Wadsworth, OH

2019-04-10

What I Wish I Knew Then: Distilling Decades of InfoSec Experience

Central Ohio InfoSec Summit  Columbus, OH

2019-05-23

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Columbus, OH

2019-07-18

Application Security: Vetting the Security of Web and Mobile apps

IT Audit & Controls Conference  Arlington, VA

2019-07-19

Simplifying Cybersrecurity

Emerging Issues Forum for Bank Directors  Raleigh, NC

2019-08-16

Simplifying Cybersecurity

NCUA Credit Examiner Conference  Charlotte, NC

2019-08-28

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Columbus, OH

2019-08-29

Building Your IAM Program

Detroit Area IAM User Group  Plymouth, MI

2019-09-10

Building Your IAM Program

Indianapolis IAM User Group  Indianapolis, IN

2019-09-12

Building Your IAM Program

Northwest Ohio Cyber & Risk Summit  Toledo, OH

2019-09-25

An Introduction to Penetration Testing

OSU CyberSecurity Club Meeting  Columbus, OH

2019-10-01

Building Your IAM Program

Three Rivers Information Security Symposium  Monroeville, PA

2019-10-11

OSINT Gathering Essential Training (Workshop)

Information Security Summit  Cleveland, OH

2019-10-21

We Are What’s in Our Pockets: Taking Command of Your Digital Life

OSU Cybersecurity Day  Columbus, OH

2019-10-28

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Cleveland, OH

2019-11-01

Building Your IAM Program

Louisville Metro InfoSec Conference  Louisville, KY

2019-11-18

Building Your IAM Program

CiNPA Security Meeting  Cincinnati, OH

2019-11-21

Hacking Identity: A Pentester's Guide to IAM

BSides Dayton  Dayton, OH

2019-11-23

Simplifying Cybersecurity Workshop

Central Ohio ISACA 2019 December CPE Bonanza  Columbus, Ohio

2019-12-02

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Cincinnati, OH

2020-01-13

Identity Governance Workshop

Cincinnati Identity Governance Workshop  Cincinnati, OH

2020-02-18

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Louisville, KY

2020-02-19

Privacy Please

Privacy Please Podcast  Podcast

2020-02-22

Current Events in Privacy and Security (roundtable moderator)

Keeping Your IAM Program Afloat  Columbus, OH

2020-03-04

Building a Career in InfoSec

Dark Rhino Security Twitch Stream  https://www.twitch.tv/darkrhinosecurity/

2020-03-13

If You Train Them...

The Ohio State University - Guest Lecturer  Columbus, OH

2020-04-09

Developing Your Identity Strategy

Data Connectors  Detroit, MI

2020-04-14

Developing Your Identity Strategy

Central Ohio ISSA  Columbus, OH

2020-04-15

Building Your Identity Program

FutureCon  Online

2020-04-21

Developing Your Identity Strategy

Data Connectors  Chicago, IL

2020-04-30

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Online

2020-04-30

Remote Workforce: Securing the Next Normal

ISMG Executive Roundtable  Online

2020-05-13

Automating Your Identity Management Activities

Mid-Ohio HDI Chapter Meeting  Online

2020-05-15

Developing Your Identity Strategy

Data Connectors (Tampa)  Online

2020-05-19

Hacking Identity: A Pentester's Guide to IAM

SailPoint/Optiv Identity Governance Webinar  Online

2020-05-20

Hacking Identity: A Pentester's Guide to IAM

Online  Nashville IAM Meetup

2020-05-21

The Path to Identity Maturity

SailPoint/Optiv Identity Governance Webinar  Online

2020-05-27

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum  Online

2020-06-02

Building Your Identity Program

SailPoint/Optiv Identity Governance Webinar  Online

2020-06-03

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - IN/KY  Online

2020-06-09

Developing Your Identity Strategy

SailPoint/Optiv Identity Governance Webinar  Online

2020-06-10

CIO Roundtable Moderator

Indianapolis Digital Roundtables  Online

2020-06-16

The Path to Identity Maturity

(ISC)2 Greater Detroit  Online

2020-06-23

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - MI  Online

2020-06-25

Identity with Jerod Brennen

CSA West Michigan Podcast  Online

2020-06-26

Developing Your Identity Strategy

Carolinas Virtual Cybersecurity Summit (Data Connectors)  Online

2020-07-09

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - IN/KY  Online

2020-07-14

Understanding Identity

New Cyber Frontier  Podcast

2020-07-22

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - TN  Online

2020-07-23

Virtual CISO/CIO Roundtable Discussion

CxO InSyte  Online

2020-07-15

Identity Threat Modeling

Indentiverse  Online

2020-07-28

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2020-07-30

The Path to Identity Maturity

CloudCon  Online

2020-08-19

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - IN/KY  Online

2020-08-18

Identity Threat Modeling

BSides Columbus  Online

2020-08-21

Building Your Identity Program

SailPoint Navigate  Online

2020-08-27

Virtual CISO/CIO Roundtable Discussion

CxO InSyte  Online

2020-08-26

Hacking Identity

IDSA BrightTALK  Online

2020-09-03

Identity-Centric Security

Identity at the Center  Podcast

2020-09-07

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - MI  Online

2020-09-17

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2020-09-24

Building Your Identity Program

Central Ohio InfoSec Summit  Online

2020-09-30

Developing Your Identity Strategy

Central Ohio InfoSec Summit  Online

2020-09-30

Taking Ownership of Your Digital Identity

OSU Cybersecurity Days 2020  Online

2020-10-14

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum (TN)  Online

2020-10-15

Using OSINT to Combat Human Trafficking

Northern Ohio Infragard  Online

2020-10-16

Roundtable moderator

The A to Z's of IGA  Online

2020-10-21

Cyber Insurance and Risk (roundtable moderator)

Cybersecurity Leadership Forum  Online

2020-10-22

Developing Your Identity Strategy

Information Security Summit  Online

2020-10-29

Using OSINT to Combat Human Trafficking

Northwest Ohio ISSA  Online

2020-10-29

Developing Your Identity Strategy

Data Connectors (St. Louis / Oklahoma)  Online

2020-10-29

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2020-11-18

Roundtable moderator

Holiday Virtual Roundtable  Online

2020-12-02

Building Your Identity Program

4th Annual Identity Governance Forum  Online

2020-12-08

Achieving Cloud Governance

Nashville ISSA  Online

2020-12-11

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2020-12-15

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - TN  Online

2021-01-27

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - IN/KY  Online

2021-02-03

Achieving Cloud Governance

Detroit Cloud Security Alliance  Online

2021-02-02

Guest Lecturer

The Ohio State University - Info Sec Mgmt (28243)  Columbus, OH

2021-02-04

Identity Security: When Two Worlds Collide

Wine Down Wednesday  Online

2021-04-28

The Path to Identity Program Maturity

Optiv & SailPoint Identity Management Series  Online

2021-05-19

Achieving Cloud Governance

Central Ohio InfoSec Summit  Online

2021-05-24

OSINT Panel Discussion

Central Ohio InfoSec Summit  Online

2021-05-25

Building Your Identity Program

Optiv & SailPoint Identity Management Series  Online

2021-05-26

Developing Your Identity Strategy

Optiv & SailPoint Identity Management Series  Online

2021-06-02

Achieving Cloud Governance

Optiv & SailPoint Identity Management Series  Online

2021-06-09

A Practical Approach for Achieving Cloud Governance

CIO's Future of Cloud and Digital Infrastructure Summit  Online

2021-06-16

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2021-07-29

A Practical Approach for Achieving Cloud Governance

SailPoint Navigate  Online

2021-08-17

A Hacker’s View of Your Identity Program

SailPoint Navigate  Online

2021-08-18

Current Events in Privacy and Security (roundtable moderator)

Cybersecurity Leadership Forum - OH  Online

2021-08-27

Successful Organizations Lean Into Our Remote Future

OSU Cybersecurity Days 2021  Online

2021-10-06

You Don't Need to Lie to Your Auditors

Information Security Summit  Cleveland, OH

2021-10-27

You Are a Target: The Mindset of a Modern Cybercriminal

OSU Cybersecurity Days 2021  Online

2021-10-13

There's Gold in Them There Hacks

Hackers Teaching Hackers  Columbus, OH

2021-11-05

Embracing Online Collaboration Tools While Reducing Risk

RTM Higher Ed Congress  San Antonio, TX

2021-11-09

You Don't Need to Lie to Your Auditors

Northwest Ohio ISACA and IIA Cybersecurity and Risk Management Summit  Online

2021-11-16

A Practical Guide to IAM

Central Ohio ISACA Chapter Training  Online

2021-12-06

There's Gold in Them There Hacks

Central Ohio ISSA Chapter Meeting  Online

2021-11-17

Securing Your Organization by Protecting the Human

CISO Chicago Summit  Chicago, IL

2021-12-09

Sample Talks (1)

Information Security Management 101: The Fundamentals

Information security professionals interact with every facet of the business, and the information security manager is expected to demonstrate the proverbial “mile wide, inch deep” understanding of all things security-related. We can do more with less by implementing and maintaining an ISO-based information security program. This presentation will give you the tools and knowledge you need to be successful in any organization.

Style

Availability

  • Keynote
  • Panelist
  • Workshop Leader

Fees

0 to 5000 *Will consider certain engagements for no fee

Courses (5)

Security Testing Essential Training

To provide your organization with confidence, you need to perform testing to prove it's secure. However, not all security testing is the same. A risk assessment is not a vulnerability assessment; a penetration test won't measure compliance. For a successful career, a security analyst needs to have an understanding of the many different types of security testing and know when and how to implement them. This course provides the resources you need to set up a testing environment, plan assessments, identify targets, and begin executing security tests. Instructor Jerod Brennen also helps you analyze test results and draft a report of your findings. Plus, see popular testing frameworks tools in action, include Nmap, Nessus, Wireshark, Lynis, OWASP ZAP, Aircrack-ng, and hashcat, as run on a Kali Linux virtual machine.

view more

Online Application Security Testing

Building security testing into the software development life cycle is the best way to protect your app and your end users. This course identifies tools and techniques that developers can use to minimize the cost and impact of security testing—while maximizing its impact and effectiveness. In this course, instructor Jerod Brennen focuses on online testing, using security scanning, penetration testing, and vulnerability testing to validate code and uncover vulnerabilities. He explains the difference between positive and negative, manual and automated, and production and non-production testing, so you can choose the right kind for your workflow. The hands-on sections—with demos of popular tools such as Fiddler, Burp Suite, and OWASP OWTF—prepare you to apply the lessons in the real world.

view more

Offline Application Security Testing

Building security testing into the software development life cycle is the best way to protect your app and your end users. This course identifies tools and techniques that developers can use to minimize the cost and impact of security testing—while maximizing its impact and effectiveness. In this course, instructor Jerod Brennen focuses on offline testing activities: preparing test plans, policies, and other documentation and conducting offline source code reviews. He also explains how to conduct offline testing for the OWASP Top Ten vulnerabilities. Along the way, you can become familiar with best practices around security in the SDLC. The hands-on sections—with demos of popular tools such as Codacy and SonarQube—prepare you to apply the lessons in the real world.

view more

Performing OSINT Gathering on Corporate Targets

Open Source Intelligence (OSINT) gathering is a critical component of penetration testing. This course will teach you how to gather various forms of corporate OSINT, including physical, logical, org chart, electronic, infrastructure, and financial.

view more

Performing OSINT Gathering on Employee Targets

Open Source Intelligence (OSINT) gathering applies to not only companies but to employees as well. This course will teach you how to gather various forms of employee OSINT, including historical, social, mobile, and physical information.

view more

Articles (2)

The Curse of the Information Security Professional

Medium

Jerod Brennen

2018-04-04

Insights into some of challenges we face as information security professionals.

view more

It’s time for a common sense security framework

Help Net Security

Jerod Brennen

2017-06-05

An introduction to the Common Sense Security Framework (CSSF)

view more