Profile
Computer Science has always interested Serge. He explains, “I find the field challenging, deep, technical and a provider of constant learning opportunities; and these are things that I greatly enjoy.” This appeal would lead him to earn a Master’s Degree in Computer Systems Security from Colorado Technical University.
Serge founded his cyber security consulting firm, SpyderSec, in 2015, which specializes in penetration testing, security awareness training, and OSINT gathering. In addition, he is also President of the Denver OWASP chapter, sits on the security advisory board for the Cherry Creek Innovation Campus (CCIC), and organizes the annual security conference, SnowFROC. In 2019, he published The Penetration Tester's Guide to Web Applications, an innovative resource that provides clear guidance on how to identify and exploit common web application vulnerabilities.
After his second SANS course, Serge pursued becoming a SANS Instructor. He saw students struggling with deeply technical topics that require a solid foundation to fully grasp and knew he could communicate this information in such a way that is both easy to understand and relevant to the student. “My teaching philosophy is all about keeping it real. What I bring to the classroom is my knowledge and experience over the last 15 years working on the front lines as a Sr. Security Engineer in enterprise security, and, more recently, running SpyderSec.”
In the classroom you’ll find him teaching SEC480: AWS Secure Builder™ and SEC488: Cloud Security Essentials. He holds the CISSP, GPEN, GWAPT, GCFA, and GWEB certifications. He has risen over the years to become an authoritative figure in the community, who is now approached for podcasts, radio and TV interviews, and to provide expert consultation for publications. Serge is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition. As he says, "I like being able to help people and sharing my expertise is my way of doing just that."
Hear Serge talk about cloud security here:
ADDITIONAL CONTRIBUTIONS BY SERGE BORSO:
WEBCASTS and WORKSHOPS
- Advancing Your Cloud Security Journey, Oct 2023
- Cloud VM Deployment and Hardening, July 2023
- Cloud Security for Beginners: Part 3: Defending the Cloud, April 2022
- Cloud Security for Beginners: Part 2: Working in the Cloud, March 2022
- Cloud Security For Beginners: Part 1: Starting Off in the Cloud, Feb 2022
- Cloud Security for Dummies, January 2022
- AppSec DFIR 201, RSAC 2021, May 2021
BOOKS & WHITEPAPERS
- The Penetration Tester's Guide to Web Applications
- Increasing Visibility with Ixia's Vision ONE, June 2019
TOOLS
- Espial - OSINT tool for asset identification, service validation and vulnerability detection