SANS Institute

the most trusted source for computer security training, certification and research

Certified Instructors

At SANS, we are thankful to have an instructor corps considered to be the best in the world. Not only do they meet SANS stringent requirements for excellence, they are all real-world practitioners. What you learn in class will be up-to-date and relevant to your jobs. But, don't take our word for it:

SANS instructors are simply the best in their fields.
- Kenneth Forward, Memorial University of Newfoundland

This is the opportunity to learn from instructors that are at the top of the food chain.
- Jeff Boggio, South Oakland Systems, LLC

Best training I've ever HAD - Instructor and SANS altogether!
- Duran Ochoa, Fox Entertainment Group

There is no better way to learn info sec today. Both the material and the instructors are world class.
- Mikkel Seiero, IBM

When it comes to SANS instructors and knowledge, no organization comes close.
- James Rogers, Dairyland Power Corp

Tanya Baccam - Baccam Consulting: Tanya is a SANS senior instructor, as well as a SANS courseware author. She provides many security consulting services for clients such as system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the Director of Assurance Services for a security services consulting firm, as well as being the Manager of Infrastructure Security for a healthcare organization. She also served as a Manager at Deloitte & Touche in the Security Services practice. Throughout her career, she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.

George Bakos - Northrop Grumman: George Bakos has been interested in computer security since the early 1980s when he discovered the joys of BBSs and corporate databases. These days he is Senior Engineer for Northrop Grumman's Cyber Threat Analysis & Intelligence team working to understand what's going on inside the minds and hearts of his adversaries. He was the developer of Tiny Honeypot and the IDABench intrusion analysis system, and was one of the researchers behind the Dartmouth Distributed Honeynet System. George developed and taught the U.S. Army National Guard's CERT technical curriculum and ran the NGB's Information Operations Training and Development Center research lab for two years, fielding and supporting Computer Emergency Response Teams nationwide. Outside the lab, George enjoys the beauties of his home state, Vermont, through skiing, ice and rock climbing, and mountain biking.

Ryan Barnett - Breach Security: Ryan C. Barnett is the Director of Application Security Training at Breach Security. He is also a Faculty Member for the SANS Institute, where his duties include Instructor/Courseware Developer for Apache Security/Building a Web Application Firewall Workshop, Top 20 Vulnerabilities Team Member and Local Mentor for the SANS Track 4, "Hacker Techniques, Exploits and Incident Handling" course. He holds six SANS Global Information Assurance Certifications (GIAC): Intrusion Analyst (GCIA), Systems and Network Auditor (GSNA), Forensic Analyst (GCFA), Incident Handler (GCIH), Unix Security Administrator (GCUX) and Security Essentials (GSEC). In addition to the SANS Institute, he is also the Team Lead for the Center for Internet Security Apache Benchmark Project and a Member of the Web Application Security Consortium. Mr. Barnett has also authored a web security book for Addison/Wesley Publishing entitled "Preventing Web Attacks with Apache."

Chris Brenton - Consultant (Fellow): Chris Brenton is a private consultant with over ten years experience in the field. He is one of the founding members of the initial Honeynet Project, one of the original Internet Storm Center handlers, and started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Security track. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.

Guy Bruneau - IPSS Inc.: Guy is a Senior Security Consultant with IPSS Inc. in Ottawa, Ontario. He works within IPSS Inc. security practice assisting clients with their Security needs, implementation and engineering of Intrusion Detection/Prevention Systems (IDS/IPS) on large networks, integration of Enterprise Security Management (ESM) solutions, Network Security Auditing, and Incident Response and Reporting. Guy has a B.A. (IT) from University of Quebec, holds GIAC GSEC, GCIA, GCIH, GCUX, GCFA and ISSPCS certifications. He is a SANS certified instructor, a course author and Stay Sharp instructor. He authored the OS hardened Snort with Sguil IDS platform where the ISO is freely available at: http://www.whitehats.ca.

Dr. Eric Cole, Ph.D. - SANS Technology Institute (Fellow): Dr. Eric Cole is an industry recognized security expert, with over 15 year's hands-on experience. Dr. Cole currently performs leading edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Masters in Computer Science from NYIT, and a Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books including Hackers Beware, Hiding in Plain Site, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker. Eric is also a senior scientist with Lockheed Martin Information Technology (LMIT) and Lockheed Martin (LM) fellow. Dr. Cole is actively involved with The SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware.

Ted Demopoulos - Demopoulos Associates: Ted Demopoulos' first significant exposure to computers was in 1977 when he had unlimited access to his high school's PDP-11 and hacked at it incessantly. He consequently almost flunked out but learned he liked playing with computers a lot. His business pursuits began in college and have been continuous ever since. His background includes over 20 years of experience in information security and business, including 15+ years as an independent consultant. Ted helped start a successful information security company, was the CTO at a "textbook failure" of a software startup, and has advised several other businesses. Ted is a frequent speaker at conferences and other events, quoted often by the press, and blogs on new media at BloggingForBusinessBook.com. In his spare time he writes books on Web 2.0, including Blogging for Business and What No One Ever Tells You About Blogging and Podcasting. He also has an ongoing software concern in Hong Kong, The Arial Group, an enterprise risk management solutions provider. Ted lives in New Hampshire with his wife, three children and dog.

Jason Fossen - Enclave Consulting LLC (Fellow): Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the "Windows day" of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He was graduated from the University of Virginia, received his Master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.

Stephen Fried - Lucent Technologies: Stephen Fried is the Director of Global Information Security at Lucent Technologies, leading the team responsible for protecting Lucent's electronic and information infrastructure. Stephen began his professional career at AT&T in 1985 and has held a wide range of technical and management positions in such areas as software development, database design, call center routing, computing research, and information security for AT&T, Lucent Technologies and Avaya. In more recent history, Stephen has developed the information security program for two Fortune 500 companies, dealing with topics like policy development, risk assessment, technology development & deployment and security outsourcing. Stephen is a Certified Information Systems Security Professional and holds a B.S. in Telecommunications Management and a M.S. in Computer Science.

Jeff Frisk - Director of GIAC: Jeff currently serves as the Director of GIAC. He has worked on many projects for SANS including the On Demand product, courseware updates and GIAC exam development. Jeff has an engineering degree from RIT, The Rochester Institute of Technology. Jeff has held various positions including electronic systems and computer engineering, product development and operations management. He has many years of experience working with high-tech companies developing computer hardware and software products. Jeff has been involved with computer systems support and security for over 10 years.

Bryce Galbraith - Lead Consultant, Layered Security: Bryce began his IT journey at 10 years of age with a Commodore 64 and a 300 baud modem – he never looked back. As a contributing author of the internationally bestselling book, Hacking Exposed: Network Security Secrets & Solutions, Bryce helped bring the secret world of hacking out of the darkness and into the public eye. Bryce has held security positions at global ISPs and Fortune 500 companies as well as being a Senior Consultant on Foundstone’s world renowned attack and penetration team. Bryce also served as Senior Instructor and co-author of Foundstone’s, “Ultimate Hacking: Hands-On” series. He has taught the art of ethical hacking and countermeasures to thousands of IT professionals from a "who's who" of top companies, financial institutions, and government agencies around the globe. Bryce teaches SANS Security 504, "Hacker Techniques, Exploits and Incident Handling” and SANS Security 401, “Security Essentials Boot Camp” for SANS Institute. Bryce is an active member of several security-related professional organizations, he speaks at a variety of conferences and holds a number of certifications: CISSP, GCIH, GSEC, CEH, CHFI, Security+. Bryce is currently Lead Consultant and co-founder of Layered Security, Inc.

Jess Garcia - One eSecurity

Jess Garcia, founder of One eSecurity, is a Senior Security Engineer with over 15 years of experience in Information Security.

During the last 5 years Jess has worked in highly sensitive projects in Europe, USA, Latin America and the Middle East with top global customers in sectors such as financial & insurance, corporate, media, health, communications, law firms or government, in areas such as Incident Response & Computer Forensics, Malware Analysis, Security Architecture Design and Review, etc.

Previously, Jess worked for 10 years as a systems, network and security engineer in the Spanish Space Agency, where he collaborated as a security advisor with the European Space Agency, NASA, and other international organizations.

Jess is a frequent speaker at security events, having been invited to dozens of them around the world during the last few years. Jess has also contributed to several books, articles, SANS courseware, the GIAC program, etc. Jess is an active security researcher in areas such as Incident Response and Computer Forensics or Honeynets.

Jess holds a Masters of Science in Telecommunications Engineering from the Univ. Politecnica de Madrid.

John Green - Consultant: John is an internationally requested speaker and instructor on a wide variety of security topics. As an author for several of the GIAC certifications, John has written and taught courses in network and system auditing, vulnerability assessment, intrusion detection, forensic investigation and incident response. John honed his speaking skills by giving briefings on emerging threats and countermeasures to members of the White House and senior executives in the Pentagon. Highlights from John's career include: SHADOW IDS developer and analyst, Program Manager for DoD security research team, Team Leader of a DoD CIRT, Director of Incidents.org CIRT, and most recently, three years as Director of Information Security for the SANS Institute. Currently, John consults globally as a Subject Matter Expert in the fields of auditing, forensics, security infrastructure and awareness.

Jonathan Ham - jham corp.: Jonathan is an independent consultant who specializes in large-scale enterprise security issues, from policy and procedure, through staffing and training, to scalable prevention, detection, and response technology and techniques. With a keen understanding of ROI and TCO (and an emphasis on process over products), he has helped his clients achieve greater success for over 12 years, advising in both the public and private sectors, from small upstarts to the Fortune 500. He's been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than 2000 feet underground, and chartered and trained the CIRT for one of the largest U.S. civilian Federal agencies. He currently holds the CISSP, GSEC, GCIA, and GCIH certifications, and is a member of the GIAC Advisory Board. A former combat medic, Jonathan still spends some of his time practicing a different kind of emergency response, volunteering and teaching for both the National Ski Patrol and the American Red Cross.

Jim Herbeck - Nouvel Strategies: Jim is a consultant and director at NOUVEL Strategies, an information risk and security management company based in Geneva, Switzerland. He has spent over 20 years working with information systems in commercial, government, academic and research environments, both in the US and Europe. He received a computer science degree from the University of Iowa and has been an adjunct professor for the Computer Science Department at the University of New Mexico. Jim holds the CISSP and GCUX certifications.

Bob Hillery - Intelguardians: <p>Bob Hillery is a co-founder and Senior Security Analyst with Intelguardians, LLC, of Washington, DC. He brings a global perspective to consultancy through Information Systems Security Management and computer network security incident handling experience in the U.S. Navy, private sector, and R&D. Bob has published a number of papers regarding threat assessment, business systems security management, including a National Institute of Justice project evaluating cyber attack and forensics tools requirements while a Senior Researcher for the Institute for Security Technology Studies at Dartmouth College.</p> <p>He is on the Advisory Boards of the SANS Institute, a variety of academic groups, and small businesses providing technical insights for Information Security degree programs and for corporate and legal digital forensics requirements. He also served as the Vice President of Academic Affairs & Chair of Information Systems Department for NH Community Technical College. He is a certified instructor for the SANS Institute and guest lecturer at such places as the University of New Haven.s National Security Master.s Program and Franklin Pierce Law Center.</p> <p>Bob has Masters degrees in both Strategic Studies and International Relations. His professional certifications include CISSP, SANS GIAC certifications, MCSE and the NSA IAM & IEM.</p>

David Hoelzer - Cyber-Defense (Fellow): Since 1985, David has had almost any position that you can imagine in the information technology field, ranging from programmer analyst up to chief information security officer. He has been teaching for SANS since 1999, managing and authoring the majority of the audit related materials for SANS in addition to some of the secure coding courses from SANS-SSI. David currently serves as the Chief Information Officer for Enclave Forensics and the Director of Consulting for Cyber-Defense, a subsidiary of Enclave Forensics. He is a research fellow with the Internet Forensics Lab and an adjunct research associate with the UNLV Center for Cybersecurity Research.

Mark Hofman - Shearwater Solutions: Mark started in security in the early 90's. He has worked for state and federal government as well as the private sector and is currently working as a security consultant for Shearwater Solutions. He has been involved in many aspects of security ranging from the development of security plans and policies to AS/NZS 7799 work to designing and implementing security solutions. He has been teaching summer and winter school at a Sydney University and is currently working on a number of projects. He holds professional certifications including CISSP and GCFW.

Fred Kerby - SANS Institute: Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred’s presentations reflect his opinions and are not the opinions of the Department of the Navy.

Rob Lee - Principal Consultant-MANDIANT (Fellow): Rob Lee is a Principal Consultant for MANDIANT, a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. Government. Rob has over 11 years experience in computer forensics, vulnerability discovery, intrusion detection, and incident response. Rob graduated the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on Information Operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations and computer forensics. Prior to joining MANDIANT, he worked on contracts for a variety of government agencies, where he was the technical lead for a vulnerability discovery team, contractor lead for cyber forensics branch, and led a security software development team. Rob also coauthored the bestselling book, Know Your Enemy, 2nd Edition. In addition to working for MANDIANT and the SANS Institute, Rob is currently pursuing his MBA at Georgetown University in Washington D.C.

Matthew Luallen - Sphere, LLC: *Matthew E. Luallen* is a well-respected information professional, researcher, instructor and author. Mr. Luallen serves as the President and Principal Consultant of Sph3r3, LLC., a strategic and practical educational and consulting company. With Sph3r3 Mr. Luallen consults with both governmental and commercial sectors including a multi-client base of corporations, public utilities, financial institutions, law enforcement and healthcare organizations. He has provided assistance and architectural support for many information security projects including integrating compliance requirements associated with SOX, HIPAA and the NERC CIP standard. Recent endeavors include architecting and integrating protective controls for financial market transactions, virtualized environments and SCADA systems. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security Mr. Luallen is an instructor and faculty at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.

Randy Marchany - VA Tech: Randy is the Director of VA Tech's IT Security Laboratory and the University's Assistant IT Security Officer. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. He was a member of the White House Partnership for Critical Infrastructure Security working group that developed a Consensus Roadmap for responding to the DDOS attacks of 2000.

Michael Murr - Code-X Technologies: Michael has been a forensic analyst with Code-X Technologies for over 5 years, and has conducted numerous investigations and computer forensic examinations, as well as performing specialized research and development. Michael has taught SANS Security 504 (Incident Handling and Computer Hacker Techniques), SANS Security 508 (System Forensics, Investigation, and Response), SANS Security 601 (Reverse Engineering Malware), has led SANS@Home courses and is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM certifications and has a degree in Computer Science from California State University at Channel Islands.

Stephen Northcutt - SANS Institute (Fellow): Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu. Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of Chief for Information Warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.

David Perez - Independent Security Consultant: David Perez is an Independent Security Consultant based in Valencia, Spain. He performs Forensic Analysis, Incident Handling, Penetration Testing, and System and Network Security Auditing for a variety of major corporate clients in the European marketplace. His background prior to his current position includes 5+ years working at HP as a Security Consultant and three further years working as a Systems Administrator and Support Engineer. He has a Masters Degree in Telecommunications Engineering from UPV (Universidad Politecnica de Valencia, Spain) and is a holder of the highest SANS GIAC certification - the GIAC Security Expert (GSE) certification.

James Philput - SANS Institute: A Systems Administrator for the SANS Institute, James has worked in the Information Technology industry for more than 10 years. He has worked in nearly every section of the industry from support to research and development to systems and network administration. Having co-authored the Operations 408: Introduction to Linux Systems Administration course, James also holds GAWN, GCIH and GCUX certifications.

Becky Pinkard - Consultant: Becky Pinkard has worked in the information technology industry for over 10 years. She is currently a senior security manager with a Fortune 20 company where she is lucky enough to work with security technology on a daily basis. She has written and edited course, test, and lab material for SANS. Becky is a SANS Certified Instructor and has taught for the SANS Institute since 2001. She has participated as a GIAC GCIA advisory board member and on the Strategic Advisory Council for the Center for Internet Security (http://www.cisecurity.org/). She is a co-author of the Syngress book, Intrusion Prevention and Active Response, Deploying Network and Host IPS. Additionally, Becky has setup enterprise intrusion detection systems, designed patch, vulnerability and firewall strategies, performed security audits and assessments, worked forensics cases, and developed security awareness training in small and large environments. This background is rolled into her teaching style and helps give students that unique "SANS experience and advantage."

Hal Pomeranz - Deer Run Associates (Fellow): Hal is founder and CEO of Deer Run Associates, a systems management and security consulting firm. He has spent more than fifteen years managing systems and networks for some of the largest commercial, government, and academic organizations in the country. He is the Technical Editor for SysAdmin Magazine and was the recipient of the 2001 SAGE Outstanding Achievement award for his teaching and leadership in the field of System Administration. Hal participated in the first SANS conference and designed the SANS Step-by-Step course model. He is a top-rated instructor and author on topics ranging from information security to system and network management to Perl programming.

Mike Poor - Intelguardians: Mike is a founder and Senior Security Analyst for the DC firm Intelguardians LLC. In his recent past life he has worked for Sourcefire, as a research engineer, and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus however is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications, and is an expert in network engineering and systems, network and web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress, and is a Handler for the Internet Storm Center.

Marcus Ranum - Tenable Security, Inc.: Marcus J. Ranum,Chief of Security, Tenable Security, Inc., is a world-renowned expert on security system design and implementation. Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR. Marcus has served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences. In 2001, he was awarded the TISC "Clue" award for service to the security community, and also holds the ISSA lifetime achievement award.

Megan Restuccia - Columbia University: Megan is currently an Instructor and Mentor with the SANS Institute as well as a Solutions Engineer for Morgan Stanley. She has over 11 years experience in Information Technology with an extensive background in Networking, Unix/Linux and Windows environments, in both small and large implementations. Megan currently holds professional certifications including RHCE, CCWD, CISSP, GSEC and GIAC Certificates in GREM and GGSC. She also holds a BS in Computer Science and an MBA from Columbia University. Megan's most recent focuses were on SOX/HIPAA security regulations and training, intrusion detection and prevention, secure application coding and desktop encryption.

David Rice - The Monterey Group: David Rice is Director of The Monterey Group a results-oriented consultancy fulfilling client objectives in all matters of information security. David is an internationally recognized information security expert and the author of the forthcoming book, Geekonomics: The Real Cost of Software. David has been awarded for significant contributions as part of his work with the Department of Defense and the National Security Agency. David is a SANS Institute author and senior instructor. He has over 10 years of experience in security and large-scale IT infrastructure.

Dr. Ron Ritchey, Ph.D. - Booz Allen Hamilton: Mr. Ritchey is an authority in the areas of secure network design and network intrusion and regularly leads penetration testing efforts for Booz Allen Hamilton where he has had the opportunity to learn first-hand the real-world impact of network vulnerabilities. He is also an active researcher in the field with peer-reviewed publications in the area of automated network security analysis and is one of the co-authors of the recently released Inside Network Perimeter Security book published by New Riders in association with the SANS Institute. Mr. Ritchey has authored courses on computer security that have been taught across the country and periodically teaches masters level courses on computer security. Mr. Ritchey holds a masters degree in computer science from George Mason University and is currently pursuing his Ph.D. in Information Technology at their School of Information Technology and Engineering. His doctoral research involves automating network security analysis.

Marcus Sachs - Verizon: Marcus Sachs serves as Executive Director of Government Affairs for National Security Policy at Verizon in Washington, D.C. Prior to joining Verizon in August 2007, he was the deputy director of SRI International's Computer Science Laboratory. Marcus has served as the director of the SANS Internet Storm Center since 2003, and is an internationally recognized computer security expert. He brings over 26 years of professional experience to SANS including 20 years of active military service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee to the National Security Council staff in the George W. Bush administration. Marcus was the first cyber security official assigned to the Department of Homeland Security in 2003 where he developed the initial concept and strategy for the creation of the United States Computer Emergency Response Team. He was also a founding member of the Defense Department's Joint Task Force for Computer Network Defense, created in 1998 as the first US military organization designed to fight foreign threats in cyberspace. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree. He is currently pursuing a Ph.D. in Public Policy with a concentration in Science and Technology. Marcus is a licensed Professional Engineer in the Commonwealth of Virginia.

Richard Salgado - Senior Legal Director, Yahoo! Inc.: Richard P. Salgado is a Senior Legal Director with Yahoo! Inc., where he focuses on international privacy, security and law enforcement compliance matters. Prior to joining Yahoo!, Mr. Salgado served as Senior Counsel in the Computer Crime and Intellectual Property Section of the United States Department of Justice. As a federal prosecutor, Mr. Salgado specialized in investigating and prosecuting computer network cases, such as computer hacking, illegal computer wiretaps, denial of service attacks, malicious code and other technology-driven privacy crimes. Mr. Salgado also regularly speaks on the legal and policy implications of searching and seizing computers and electronic evidence, emerging surveillance technologies, digital evidence and related criminal conduct. Mr. Salgado is a lecturer in law at Stanford Law School, where he teaches a Computer Crime seminar; he previously served as an adjunct law professor at Georgetown University Law Center and George Mason Law School, and as a faculty member of the National Judicial College. Mr. Salgado graduated magna cum laude from the University of New Mexico and in 1989 received his J.D. from Yale Law School.

Dave Shackleford - Configuresoft: Dave Shackleford, Director of Configuresoft's Center for Policy & Compliance, is a course and exam author for the SANS Institute, where he also serves as a GIAC Technical Director. He is the co-author of Hands-On Information Security from Course Technology, as well as the “Managing Incident Response” chapter in the Course Technology book, Readings and Cases in the Management of Information Security. Previously, he worked as CTO for the Center for Internet Security, as well as for a security consulting firm in Atlanta. He has also worked as a security architect, analyst, and manager for several Fortune 500 companies. He has consulted with hundreds of organizations in the areas of regulatory compliance, security and network architecture and engineering. His specialties include incident handling and response, intrusion detection and traffic analysis, and vulnerability assessment and penetration testing.

Glen Sharlun - ArcSight, Inc.: Glen started his career in the literal trenches as a leader of Marines and has since transitioned that ethos to the 'trenches' of enterprise network and security operations. Having experience building a policy, consulting and audit practice, leading the global monitoring, response and forensic team, establishing an active audit (Red Team) capability, Glen finished this career as Commanding Officer (CISO), Network Defense, U.S. Marine Corps. Glen is currently the Vice President of Customer Success at ArcSight, focused on delivering the best-practices in people, process and technologies of ArcSight's network management and security operations solutions, to its customers. Glen is a graduate of the U.S. Naval Academy and the Naval Postgraduate School (MS, Information Systems Management) and has attained & instructed numerous certifications from ISC2, SANS and the National Security Agency.

Raul Siles - Independent Security Consultant: Raul Siles is a senior independent Security Consultant performing security solutions and services in various European industries. Raul's expertise includes security architectures design, penetration tests, incident handling, forensic analysis, network, system and application security assessments and hardening, intrusion detection and information security management. He has previously worked as a security consultant with Hewlett-Packard. Raul is one of the few individuals who have earned the GIAC Security Expert (GSE) designation and also holds other SANS/GIAC certifications. Raul is a SANS Institute author and instructor for multiple courses. He is a frequent security speaker, has authored a TCP/IP security book and contributes to security articles, reviews and research projects. As a member of the Spanish Honeynet Project, he loves security challenges. Raul holds a Masters degree in Computer Science from UPM (Spain) and a postgraduate in Security and E-Commerce.
More information at http://www.raulsiles.com.

Stephen Sims - Wells Fargo: Stephen Sims is an Information Security Consultant currently working for Wells Fargo in San Francisco, CA. He has spent the past seven years in the Bay Area working for several large financial institutions on Network and Systems Security, Reverse-Engineering Malware, Risk Assessment and Management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a Network Security Engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who holds the GIAC Security Expert (GSE) Certification and is currently working with GIAC and White Wolf Security to administer this years exam in Las Vegas. . He is a SANS certified instructor and holds several other certifications such as the CISSP and CISA and is currently co-authoring a book on exploit techniques.

Ed Skoudis - Intelguardians (Fellow): Ed Skoudis is a co-founder and Senior Security Analyst with Intelguardians, a Washington DC based information security consulting firm. Ed teaches SANS Security 504, "Hacker Techniques, Exploits and Incident Handling," and 517, "Cutting Edge Hacking Techniques," on a regular basis. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, provided detailed expert witness services in cases involving major credit card theft, and responded to computer attacks for clients in the financial, high technology, healthcare, and other industries. Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published several articles on these topics, as well as the books Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004, 2005, and 2006 Microsoft MVP awards for Windows Server Security, and is an alumnus of the Honeynet Project. Previous to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).

Dr. Steve Slater, Ph.D. - Security Compliance Corporation: Dr. Steve Slater is Founder and President of Security Compliance Corporation (www.securitycompliancecorp.com), a privately held software company building solutions for information security compliance and identity auditing. Steve is also a SANS author and instructor for Security 615: Secure Internet Presence – LAMP. Over the past 15 years, Dr. Slater has provided a range of expert consulting including secure firewall and application design, vulnerability assessments, threat management, security policy, and regulatory compliance. In addition to security, Steve also holds a PhD in Nuclear Engineering from UC Berkeley and has several publications relating to high-performance computing and advanced numerical analysis. His scientific expertise earned the recognition of both the National Science Foundation and the Department of Energy.

Lance Spitzner - Honeynet Project: Lance Spitzner is a geek who loves information security. It is a constantly changing battle, your job is to defend against the bad guys. This love for tactics first began in the Army, where he served for seven years, four as an Armor officer in the Army's Rapid Deployment Force. Following the military he received his M.B.A and became involved in the world of information security. Now he defends organizations with IPv4 packets as opposed to 120mm SABOT rounds. His passion is researching honeypot technologies and using them to learn more about threats. He is founder of the Honeynet Project, moderator of the honeypot maillist, author of "Honeypots: Tracking Hackers", co-author of "Know Your Enemy" and author of numerous whitepapers. He has also spoken at various conferences and organizations, including SANS, Blackhat, FIRST, the Pentagon, the FBI Academy, the President's Advisory Board, the Army War College, Department of Justice, and Navy War College.

William Stearns - Dartmouth - ISTS: Bill is a Senior Research Engineer at Dartmouth's Institute for Security Technology Studies, working on Honeypot development and other network security projects. He is a content author and faculty member at the SANS Institute. His background is in network and operating system security; he was the chief architect of a commercial firewall and is an active contributor to the Linux development effort. His spare time is spent coordinating and maintaining an antispam blacklist. Bill's articles and tools can be found in SysAdmin magazine, online journals, and at http://www.stearns.org.

John Strand - SANS Institute - Argotek: John Strand currently teaches the SANS GCIH and CISSP classes. He is currently certified GIAC Gold in the GCIH and GCFW and is a Certified SANS Instructor. He is also a holder of the CISSP certification. He started working computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. He then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He is currently employed with SANS managing the local mentor program. He also is a consultant with Argotek, Inc. He has a Masters degree from Denver University, and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

James Tarala - Enclave: James Tarala is a principal consultant with Enclave Hosting, LLC and is based out of Venice, FL. He is a regular speaker and senior instructor with the SANS Institute, as well as a courseware author and editor for many of their auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University, his graduate work at the University of Maryland, and holds numerous professional certifications.

Arrigo Triulzi - K2Defender Ltd.: Arrigo Triulzi, trained in Pure Mathematics, holds an MSc in Mathematical Computation from Queen Mary, University of London, and is working towards a PhD in Algebraic Computation. He is co-founder and Chief Security Officer of K2 Defender Limited, a bespoke high-end IDS solutions provider. Arrigo is also a free-lance consultant in IT Security with particular expertise in secure network design, network security analysis, and incident handling. He is also the administrator of the IDS Europe mailing list. Having worked with both popular and less common flavours of Unix he is comfortable working in any heterogeneous networking environment and his knowledge also includes esoteric operating systems such as Guardian/NSK. Arrigo is co-inventor in an EU patent for a high-performance distributed IDS design, and has written on a variety of security topics. Recent work includes web research into IDS deployment on IPv6, firewall verification using IDS, and distributed concept virii.

Dr. Johannes Ullrich, Ph.D. - SANS Institute: As Chief Research Officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a Ph.D. in Physics from SUNY Albany and is located in Jacksonville FL.

Benjamin Wright - Attorney: Ben, recognized the world over as one of the leading lawyers in e-commerce, is the founding author of The Law of Electronic Commerce, a comprehensive book on the legality of electronic transactions and computerized business records. Since 1988, Wright has delivered over 500 speeches on e-commerce, privacy, records management, and computer security and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. He wrote and presented to the Sri Lankan government a report on technology law, which contributed to the adoption of national e-commerce legislation in 2005.

Joshua Wright - Aruba: Joshua is the author of several papers on wireless security and intrusion analysis, and the co-author of Securing Cisco Routers: Step-by-Step, a book published by the SANS Institute. In a consulting role, he has worked with Fortune 500 companies, federal agencies, and educational institutions addressing issues related to wireless security, vulnerability assessment, and secure network design. He currently serves as the senior security researcher for Aruba Wireless Networks and is an instructor for the SANS Institute.

Lenny Zeltser - SAVVIS: Lenny Zeltser leads the New York security consulting team at SAVVIS, a premier provider of IT infrastructure and hosting services. He is also a member of the Board of Directors at SANS Technology Institute, a senior faculty member at SANS, and an incident handler at the Internet Storm Center. Lenny co-authored a number of books, including Inside Network Perimeter Security and Malware: Fighting Malicious Code. He also contributed articles to publications such as the Information Security magazine, and presented to IT executives at conferences and private summits. In addition to holding the CISSP certification, Lenny is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. He has an MBA degree from MIT Sloan and a Computer Science degree from the University of Pennsylvania. More information about Lenny's projects and interests is available at http://www.zeltser.com.

Check Them Out!

This is hands-down, the premiere training opportunity.
- Dan Mather, JICPAC

Network Security 2008 :: Las Vegas, NV :: Sep 28 - Oct 6, 2008

Contact us: (301) 654-SANS(7267)
Monday - Friday 9am-8pm EST/EDT