- Twitter: @mikepilkington
Mike Pilkington is the technical incident response lead for a Fortune 500 company in the oil & gas industry. In his role, Mike regularly works malware and intrusion cases, evaluates and implements both commercial and open-source forensic tools, and consults with various groups within the organization.
Over the years, Mike has accumulated a broad range of technical expertise, having spent significant time performing software quality assurance, Windows systems administration, LAN and WAN network administration, firewall and IDS/IPS security administration, computer forensic analysis, and incident response. As a forensic analyst, he worked numerous HR investigations, including cases involving intellectual property theft, inappropriate use of the Internet, employee hacking, IT administrator privilege abuse, and illegal downloading of copyrighted materials. In 2009, Mike was selected to start the company's incident response program. While responding to numerous incidents that year, he developed the company's initial cyber incident response plan. Since then, the program has steadily matured and Mike has remained the lead responder, handling cases from commodity malware infections to nation-state attacks targeting strategic groups within the organization.
Since 2008, Mike has also enjoyed teaching for the SANS Institute. He currently teaches Windows Forensics In-Depth (FOR408) and Advanced Digital Forensics and Incident Response (FOR508). In addition to teaching, Mike is a dedicated researcher and has published numerous articles for the SANS Forensics Blog.
Mike holds a B.S. in Mechanical Engineering from The University of Texas, as well as numerous IT security certifications, including the CISSP, EnCE, GCFE, GCFA, and GREM.
Listen to Mike discuss "Privileged Domain Account Protection: How to Limit Credentials Exposure" in this SANS webcast.