Moses Frost
Senior InstructorSolutions Consultant at Palo Alto Networks
Specialities
Offensive Operations, Cloud Security
Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsOffensive Operations, Cloud Security
A ‘90s BBS kid who goofed off and found themselves in the early days of Information Security, Moses Frost first ventured into IT in 1998 when he took a role in converting Windows 95/98 machines into Windows NT/2000/XP workstations. Since then, Moses has built an impressive career as a Network Architect, DevOps Engineer, and Information Security professional across various companies. Today, he works in the Offensive Operations space as a Red Team Operator at Neuvik and serves as the course author and senior instructor for SANS SEC588: Cloud Penetration Testing.
Keep on killing it. Moses is the best SANS instructor I have had.
Moses is a great instructor and really walks you through each step of the way not to leave anyone behind.
Very knowledgeable and really knows how to keep students engaged.
Here are upcoming opportunities to train with this expert instructor.
Explore content featuring this instructor’s insights and expertise.
As a penetration tester, you may be well-versed in your go-to tips, tricks, and tactics for on-premises systems. But what happens when you're tasked with testing new and complex environments like AWS, Azure, Container Workloads, or Kubernetes?
The idea of DevOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year.
Public Cloud Environments can make things, well, rather public. While there are ways to prevent this, and the cloud providers have made strides, retroactive changes are not a thing. As such, we still find very poorly configured environments today.
Identities are the foundational cornerstone of many environments. Identity is typically the front door for web, infrastructure portals, and VPN services. Most organizations should implement additional countermeasures to prevent attackers from breaking into an organization. The perimeter of many environments is de-facto users’ identities. How you protect those identities is critical. Understanding how to attack identities is crucial for those who emulate attack groups.
Our containers workshop will be a two-hour workshop that will focus on how we can assess vulnerabilities in containers. As containers are part of the modern software stack, your company may use containers locally on a system and remotely on servers. Containers can be deployed on stand-alone servers, to a container service like AWS ECS, and on orchestration technologies like Kubernetes. Given how ubiquitous containers are, you will likely either be working with or attacking them at some point in your career.