The most trusted source for computer security training, certification and research.

select a course
Orlando, FL - January 13 - 19, 2007
Global Information Assurance Certification

The SANS class stands out above the rest because of the subject matter experts who teach the classes and labs.
-Shirlee Eitel-Birgham, State of Nevada

Faculty for SANS Bootcamp 2007

Tanya Baccam
Tanya is a SANS senior instructor as well as a SANS courseware author. She provides many security consulting services for clients, such as system audits, vulnerability and risk assessments, database audits, and Web application audits. Tanya has previously worked as the director of assurance services for a security services consulting firm and the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Throughout her career she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, and Oracle DBA certifications.
top^
Chris Brenton
Chris Brenton is a private consultant with over ten years of experience in the field. He is one of the founding members of the initial Honeynet Project and one of the original Internet Storm Center handlers, and he started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Protection In-Depth course. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.
top^
Jeffrey Casey
Jeff Casey is currently a systems engineer in support of the Pacific Missile Range Facility on Kauai. He has been working as a .NET developer and Systems Administrator for 6 years, with the past 3 inside a DOD environment. As a contractor for the Navy, Jeff has been involved with the migration of enterprise DOD systems from Windows NT to 2000/2003 and is a tester for the Navy Installations Command SharePoint Portal. Jeff has been involved as a consultant on the compliance requirements for enabling PKI on all web servers at PMRF, and is routinely involved with information assurance issues dealing with the Navy Marine Corp Intranet. As a hobby Jeff also has a local business helping the residents of West Kauai with various computer issues.
top^
Eric Cole, PhD
Dr. Eric Cole is an industry-recognized security expert with over 15 years of hands-on experience. Cole currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Cole has experience in information technology with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Cole has a master's degree in computer science from NYIT and a PhD from Pace University with a concentration in information security. Dr. Cole is the author of several books, including Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is also the CTO of the Americas for McAfee. Cole is actively involved with the SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware. He is a SANS faculty fellow and course author.
top^
Ted Demopoulos

Ted Demopoulos' first significant exposure to computers was in 1977 when he had unlimited access to his high school's PDP-11 and hacked at it incessantly. He consequently almost flunked out but learned he liked playing with computers a lot. His business pursuits began in college and have been continuous ever since. His background includes over 20 years of experience in information security and business, including 15+ years as an independent consultant. Ted helped start a successful information security company, was the CTO at a "textbook failure" of a software startup, and has advised several other businesses. Ted is a frequent speaker at conferences and other events, quoted often by the press, and blogs on new media at BloggingForBusinessBook.com. In his spare time he writes books on Web 2.0, including Blogging for Business and What No One Ever Tells You About Blogging and Podcasting. He also has an ongoing software concern in Hong Kong, The Arial Group, an enterprise risk management solutions provider. Ted lives in New Hampshire with his wife, three children and dog.

top^
Bob Hillery
Bob Hillery is a co-founder and Senior Security Analyst with InGuardians, LLC, of Washington, DC. He brings a global perspective to consultancy through Information Systems Security Management and computer network security incident handling experience in the U.S. Navy, private sector, and R&D. Bob has published a number of papers regarding threat assessment, business systems security management, including a National Institute of Justice project evaluating cyber attack and forensics tools requirements while a Senior Researcher for the Institute for Security Technology Studies at Dartmouth College. He is on the Advisory Boards of the SANS Institute, a variety of academic groups, and small businesses providing technical insights for Information Security degree programs and for corporate and legal digital forensics requirements. He also served as the Vice President of Academic Affairs & Chair of Information Systems Department for NH Community Technical College. He is a certified instructor for the SANS Institute and guest lecturer at such places as the University of New Haven.s National Security Master.s Program and Franklin Pierce Law Center. Bob has Masters degrees in both Strategic Studies and International Relations. His professional certifications include CISSP, SANS GIAC certifications, MCSE and the NSA IAM & IEM.
top^
David Hoelzer
With more than twenty years of experience, David has served in positions ranging from the highly technical to senior management for a variety of organizations. For the last ten years, David has been the director of research for Cyber-Defense and the principal examiner for Enclave Forensics. In addition to day-to-day responsibilities, he has acted as an expert witness for the Federal Trade Commission and continues to teach at major SANS events, teaching security professionals from organizations including NSA, USDA Forest Service, Fortune 500 security engineers and managers, DHHS, various DoD sites, national laboratories, and many colleges and universities. From time to time David also speaks nationally and internationally on various security topics.
top^
Kevin Johnson
Kevin Johnson is a senior security analyst with InGuardians, LLC. Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin founded and leads the development on the Basic Analysis and Security Engine (BASE) project, the most popular Web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both SEC504: Hacker Techniques, Exploits, and Incident Handling and SEC542: Web App Penetration Testing and Ethical Hacking. He has presented to many organizations, including Infragard, ISACA, ISSA, and the University of Florida.
top^
Fred Kerby
Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred’s presentations reflect his opinions and are not the opinions of the Department of the Navy.
top^
Rob Lee
Rob Lee is a director for MANDIANT (www.mandiant.com), a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute (forensics.sans.org). Rob has more than 13 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob also coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Finally, Rob was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast 2009 Awards.
top^
Matthew Luallen
Matthew E. Luallen is a well-respected information professional, researcher, instructor and author. Mr. Luallen serves as the President and Principal Consultant of Sph3r3, LLC., a strategic and practical educational and consulting company. With Sph3r3 Mr. Luallen consults with both governmental and commercial sectors including a multi-client base of corporations, public utilities, financial institutions, law enforcement and healthcare organizations. He has provided assistance and architectural support for many information security projects including integrating compliance requirements associated with SOX, HIPAA and the NERC CIP standard. Recent endeavors include architecting and integrating protective controls for financial market transactions, virtualized environments and SCADA systems. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security Mr. Luallen is an instructor and faculty at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.
top^
James Manico
Jim is the VP of Software Engineering for CodeMagi Inc., a service firm specializing in cutting edge web application development. Jim brings ten years of web-based database-driven software development and analysis experience to client engagements. CodeMagi Inc. has recently provided service for SUN Microsystems, Fox Media, the Golden State Warriors and Architecture for Humanity. In addition, Jim has expertise working with a wide variety of technologies including web-based development with J2EE, thick-client and applet-based Java applications, hybrid applications using Java, C++ and Flash, web-based PHP applications using Drupal 4.7, rich-media web applications using advanced Ajax techniques, and Database technology using Oracle, MySQL and Postgres. Jim's office is located on the beautiful island of Kauai, HI and hosts a bi-weekly call-in computer talk radio show for KKCR, Kauai's community radio station. Jim previously served as the Director of Vendor Relations with the SANS Institute. Jim often volunteers his time fixing and tuning his neighbors computers, the only cost to them is being lectured at regarding the importance of backup and security.
top^
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as president of the SANS Technology Institute, a postgraduate level IT security college (www.sans.edu). Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.
top^
James Philput
A Systems Administrator for the SANS Institute, James has worked in the Information Technology industry for more than 10 years. He has worked in nearly every section of the industry from support to research and development to systems and network administration. Having co-authored the Operations 408: Introduction to Linux Systems Administration course, James also holds GAWN, GCIH and GCUX certifications.
top^
Mike Poor
Mike is a founder and senior security analyst for the DC firm InGuardians LLC. In his recent past life he has worked for Sourcefire as a research engineer and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus, however, is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and Web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress and is a handler for the Internet Storm Center.
top^
Ed Skoudis

Ed Skoudis is a founder and senior security consultant with InGuardians. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in financial, high technology, healthcare, and other industries.

Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published numerous articles on these topics as well as the Prentice Hall best sellers Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004-2009 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Previous to InGuardians, Ed served as a security consultant with International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore).

top^
Miles Stevenson
Miles Stevenson has spent the last six years working as a Linux network administrator. He worked in both commercial and government sectors specializing in low-cost Linux security solutions. He currently works as a full time network and security administrator for the SANS Institute.
top^
James Tarala
James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.
top^
Joshua Wright
Joshua Wright is a Senior Security Analyst with InGuardians, LLC and a Senior Instructor with the SANS Institute. A widely recognized expert in the wireless security field, Josh has worked with private and government organizations to evaluate the threat surrounding wireless technology. As an open-source enthusiast, Josh has developed a variety of tools that can be leveraged for penetration testing and security analysis. Prior to joining InGuardians, Josh was the Senior Security Researcher for Aruba Networks, leading a team committed to significantly improving the security of modern networks. In his spare time, Josh looks for any opportunity to void the warranty on wireless electronics.
top^