Mike Pilkington
- Twitter: @mikepilkington
- LinkedIn: linkedin.com/in/mikepilkington
Curiosity wins the day! That is Mike Pilkington's teaching philosophy, because from his perspective, you have to be inspired and excited about solving difficult cases if you want to be great at forensics. As Mike says, "you have to be willing to search for the answers that others can't or won't find." Mike's infectious enthusiasm for digital forensics comes through in his work, in his classes, and in his day-to-day life. It's clear that his hobby and his job are one in the same.
Mike has been an instructor for the SANS Institute since 2008. He currently teaches Windows Forensics In-Depth (FOR500) and Advanced Digital Forensics and Incident Response (FOR508). In addition to teaching, Mike is a dedicated researcher and has published numerous articles for the SANS Forensics Blog.
After spending much of his career as an analyst and incident responder for Halliburton, Mike recently joined the team at Shell. His background working in a large corporate environment gives him a unique perspective among SANS instructors. Mike is also a researcher at heart and will spend hours unraveling the answer to a complicated case or a question from a student. He'll delve deeply into forensic conundrums to identify the best solutions, and then document that knowledge to share with the digital forensics community.
In his current role as a senior incident analyst at Shell, Mike regularly deals with malware and intrusion cases. His work ranges from evaluating and implementing both commercial and open-source forensic tools to consulting with internal groups to resolve intrusions. He has accumulated a broad range of technical expertise, having spent significant time performing software quality assurance, Windows systems administration, LAN and WAN network administration, firewall and IDS/IPS security administration, computer forensic analysis, and incident response. As a forensic analyst, he worked numerous human resource investigations, including cases involving intellectual property theft, inappropriate use of the Internet, employee hacking, IT administrator privilege abuse, and illegal downloading of copyrighted materials.
Mike holds a bachelor's degree in mechanical engineering from the University of Texas, as well as numerous IT security certifications, including the CISSP, EnCE, GCFE, GCFA, and GREM.
Qualifications Summary:
· Deep background in corporate cybersecurity
· SANS instructor since 2008
· Professional qualifications: GCFA, GCFE, GREM, EnCE, CISSP
Get to Know Mike Pilkington:
· Mike's DFIR blog is available at https://digital-forensics.sans.org/blog/author/mpilkington
· Mike co-authored the SANS Forensics "Find Evil" poster
· Mike created an example forensics report for SANS FOR500 students (available upon request)
· In addition to regularly presenting six-day SANS forensics classes, Mike's additional speaking engagements include the SANS DFIR Summit, SANS conferences, MIRcon, ISSA, and HTCIA
Listen to Mike discuss Privileged Domain Account Protection: How to Limit Credentials Exposure in this SANS webcast.
Here's What Students Are Saying about SANS Certified Instructor Mike Pilkington:
"The level of detail and knowledge that Mike has is above excellent." - Oz Bogovac, JCI
"Once again, Mike's command-line knowledge really became valuable when we tried to stump him with questions. He knew everything!" - Mike DeZenzo, EY
"The instructor helps by sharing his knowledge in a way it can be understood by the student." - Joseph Selph, IBM
"Very knowledgeable." William Martin, NYSP
Instructor Endorsements:
"Mike's perspective is unique and extremely valuable to our instructor team. He sees things differently as a result of directly fighting adversaries in his larger multinational corporate environment daily, and he isn't afraid to share his experiences with the class. Mike is also a researcher at heart, and his research has directly resulted in our material being updated, corrected, and expanded. It has made our courses at SANS the best and brimming full of information that make SANS truly on the "cutting edge" and not just words we use in marketing." - Rob Lee, SANS Fellow
"Mike is accomplished, wicked smart, and very passionate about our field. He is that rare individual who doesn't just report a problem - he takes it upon himself to find a solution. As an example, Mike encountered a number of students during his early teaching engagements who were having difficulties grasping the fundamentals of report writing. He took it upon himself to create a sample report that could be shared among instructors. His SANS blog posts are some of my favorites, as he regularly takes it upon himself to look deeper into nagging forensic unknowns and document clever solutions." - Chad Tilbury, SANS Senior Instructor
"I have watched Mike present and have been thoroughly impressed with his smooth delivery, his ability to competently deliver highly technical material in a way that makes it easy for students to understand, and his ability to handle questions. Mike's background in IT brings a highly valuable perspective to the forensic program and inspires students." - Ovie Carroll, SANS Certified Instructor
Mike Pilkington Will Be Teaching the Following Course:
| Course | Certification |
|---|---|
| FOR408: Windows Forensic Analysis | GCFE |
Virginia Beach 2014 Instructors
- Kevin Fiscus
- Certified
- Paul A. Henry
- Senior
- David Hoelzer
- Fellow
- Rob Lee
- Fellow
- Stephen Northcutt
- Fellow
- Keith Palmgren
- Certified
- Stephen Sims
- Senior
- Ed Skoudis
- Fellow
