How to implement security for large government websites using open sourced Content Management Systems. Learn from experiences in implementing one of the first widely publicized adoptions of Drupal by the United States Government.

The requirements and necessity of IT security do not go away when open source software is used.  In fact, in many ways the bar is raised.

Please join us for this exciting session and learn how security is implemented for open source software implementations...challenges experienced...and lessons learned by by Jason Ingalls CISA, CISSP, CEO Ingalls Information Security.

Also, this months Rainmaker presented by Sales Lab will be "First, Make An Offer." 

Presented by: Jason Ingalls CISA, CISSP, CEO Ingalls Information Security

Jason is the founder of Ingalls Information Security, which was formed in 2010 and focuses on offering Information Assurance services to customers in regulated industries and government sectors.  Jason has over ten years' of experience providing engineering, testing, training, and development of solutions that mitigate security risks to Information Systems.  He has managed and supervised engineers and technicians in the development and support of security related services for a broad range of projects, including Penetration Testing, Vulnerability Assessments, Application Testing, Forensic Analysis, Incident Response, and Compliance- and Risk-based Auditing.  Jason was responsible for the development and support of Penetration Testing, Vulnerability Assessments, Social Engineering testing, and Document Destruction compliance auditing, by utilizing subject matter expertise and highly technical applications to perform these duties. As an engineering team lead, Jason has provided Forensic Analysis and Incident Response support for data breaches that are still some of the largest incidents in history.  
 
Risk-based audits have been performed by Jason for many financial institutions varying in asset size from fifty million to over one billion dollars.  Jason has also performed compliance-based auditing of Sarbanes Oxley (SOX) test programs for publicly traded corporations in the energy sector.  He has performed Security Assessments for non-profit organizations in the health care industry, and Application Development Security testing for major federal government customers utilizing both Open Source as well as Commercial security testing applications.
 
Jason became involved with Drupal Security in 2009 and was the vendor-side security team lead for a major government Content Management System development effort that became the one of the first widely publicised adoptions of Drupal by the United States Government.  He has successfully supported Government compliance requirements, developed test plans, executed testing, assisted in remediation, and validated risk mitigation for several government and NGO clients.  Jason's specialization in Drupal API security assessment and Drupal web penetration testing has placed him and his company in a specialized field with few peers, which he hopes to help remedy by spreading the word about Drupal security and compliance processes in webinars that he has co-hosted with Acquia, presentations at Drupalcon, and active involvement in the Drupal community.
 
Jason is a husband and father of three who enjoys taking camping trips with the family into the middle of the Louisiana wilderness, has a passion for grilling anything he can get into a decently-sized BBQ pit, and loves boiling crawfish when they are available.  He lives in Central Louisiana, where his wife is a practicing Obstetrician/Gynecologist.