- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Projects
- Security Policy Project
- Security+ Study Guide
- S.C.O.R.E.
- Awards & Recognitions
- SANS Buyers Guide
- Security Tool Demos
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
London, United Kingdom - December 1 - 9, 2008
- Event Location & Info
- General Info
- Faculty
- Vendor Expo
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Years of experience downloaded into your brain in 6 days.
-Chris Koutras, Titan Corp
Faculty for SANS London 2008
Steve Armstrong
Prior to heading up technical security consulting at Logically Secure, Steve spent over 17 years working for the UK government and was widely considered one of their most experienced IT security professionals. Whilst head of an MOD penetration testing department he combined IT security with military policing, leading several multi-disciplined teams on overseas wireless network discovery operations.
Nowadays, he advises and undertakes testing for many of the world's largest media and music companies, conducting audits of their new sub-contractors and providing incident containment advice. He acts as the security lead technical architect for a major international communications provider and several defense systems integrators, ensuring that systems are designed and built to be secure from the initial concept forward.
A strong advocate of multi-skilling, Steve still conducts network security audits, design reviews, Web application code review and testing, forensic analysis, and post IPR theft incident response. Steve holds a variety of product-related certifications as well as the CISSP, CEH, GCFA and GCIH. He has used his free time to develop a Peer2Peer corruption tool, but he can also be found online computer gaming favoring Day of Defeat and C&C Generals.
- Steve will be teaching:
- SEC 559.1 Wireless Security Exposed - Day 1
- SEC 559.2 Wireless Security Exposed - Day 2
Tanya Baccam
Tanya is a SANS senior instructor, as well as a SANS courseware author. She provides many security consulting services for clients such as system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the Director of Assurance Services for a security services consulting firm, as well as being the Manager of Infrastructure Security for a healthcare organization. She also served as a Manager at Deloitte & Touche in the Security Services practice. Throughout her career, she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.- Tanya will be teaching:
- AUD 507.1 Auditing Principles & Concepts
- AUD 507.2 Auditing the Perimeter
- AUD 507.3 Network Auditing Essentials
- AUD 507.4 Auditing Web-Based Applications
- AUD 507.5 Advanced Systems Audit: Windows XP/2003
- AUD 507.6 Advanced Systems Audit: Unix
Chris Brenton
Chris Brenton is a private consultant with over ten years experience in the field. He is one of the founding members of the initial Honeynet Project, one of the original Internet Storm Center handlers, and started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Security track. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.- Chris will be teaching:
- SEC 502.1 TCP/IP
- SEC 502.2 Firewalls, NIDS, and NIPS
- SEC 502.3 Wire Products and Assessment
- SEC 502.4 Host Level Security
- SEC 502.5 Securing the Wire
- SEC 502.6 Perimeter Wrap Up
Dr. Eric Cole, Ph.D.
Dr. Eric Cole is an industry recognized security expert, with over 15 year's hands-on experience. Dr. Cole currently performs leading edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Masters in Computer Science from NYIT, and a Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books including Hackers Beware, Hiding in Plain Site, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker. Eric is also a senior scientist with Lockheed Martin Information Technology (LMIT) and Lockheed Martin (LM) fellow. Dr. Cole is actively involved with The SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware.- Dr. Eric will be teaching:
- SEC 401.1 Networking Concepts
- SEC 401.2 Defense In-Depth
- SEC 401.3 Internet Security Technologies
- SEC 401.4 Secure Communications
- SEC 401.5 Windows Security
- SEC 401.6 Linux Security
Jason Fossen
Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the "Windows day" of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He was graduated from the University of Virginia, received his Master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.- Jason will be teaching:
- SEC 505.1 Securing Active Directory and DNS
- SEC 505.2 Security Through Group Policy
- SEC 505.3 Windows PKI, EFS and BitLocker
- SEC 505.4 Windows IPSec, RADIUS, Wireless, and VPNs
- SEC 505.5 Securing Internet Information Server
- SEC 505.6 Windows PowerShell
Jess Garcia
Jess Garcia, founder of One eSecurity, is a Senior Security Engineer with over 15 years of experience in Information Security.
During the last 5 years Jess has worked in highly sensitive projects in Europe, USA, Latin America and the Middle East with top global customers in sectors such as financial & insurance, corporate, media, health, communications, law firms or government, in areas such as Incident Response & Computer Forensics, Malware Analysis, Security Architecture Design and Review, etc.
Previously, Jess worked for 10 years as a systems, network and security engineer in the Spanish Space Agency, where he collaborated as a security advisor with the European Space Agency, NASA, and other international organizations.
Jess is a frequent speaker at security events, having been invited to dozens of them around the world during the last few years. Jess has also contributed to several books, articles, SANS courseware, the GIAC program, etc. Jess is an active security researcher in areas such as Incident Response and Computer Forensics or Honeynets.
Jess holds a Masters of Science in Telecommunications Engineering from the Univ. Politecnica de Madrid.
- Jess will be teaching:
- SEC 508.1 Forensic and Investigative Essentials
- SEC 508.2 Forensic Methodology Illustrated Part 1
- SEC 508.3 Forensic Methodology Illustrated Part 2
- SEC 508.4 Windows File System Forensics
- SEC 508.5 Computer Investigative Law for Forensic Analysts
- SEC 508.6 Advanced Forensics and the Forensic Challenge
- SEC 602 Reverse-Engineering Malware: Additional Tools and Techniques
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu. Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of Chief for Information Warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.- Stephen will be teaching:
- MGT 512.1 Managing the Plant, Network, and Information Architecture
- MGT 512.2 Defense In Depth
- MGT 512.3 Secure Communications
- MGT 512.4 The Value of Information
- MGT 512.5 Management Practicum
Raul Siles
Raul Siles is a senior independent Security Consultant performing security solutions and services in various European industries. Raul's expertise includes security architectures design, penetration tests, incident handling, forensic analysis, network, system and application security assessments and hardening, intrusion detection and information security management. He has previously worked as a security consultant with Hewlett-Packard. Raul is one of the few individuals who have earned the GIAC Security Expert (GSE) designation and also holds other SANS/GIAC certifications. Raul is a SANS Institute author and instructor for multiple courses. He is a frequent security speaker, has authored a TCP/IP security book and contributes to security articles, reviews and research projects. As a member of the Spanish Honeynet Project, he loves security challenges. Raul holds a Masters degree in Computer Science from UPM (Spain) and a postgraduate in Security and E-Commerce.More information at http://www.raulsiles.com.
- Raul will be teaching:
- SEC 540.1 Building a VoIP Infrastructure, VoIP Protocols Identification and Analysis, and VoIP Infrastructure Attacks
- SEC 540.2 VoIP Signaling and Media Attacks, and VoIP Countermeasures
- SEC 542.1 Web App Penetration Testing and Ethical Hacking: The Attacker's View of the Web
- SEC 542.2 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 1
- SEC 542.3 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 2
- SEC 542.4 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 3
- DEV 538 Web Application Penetration Testing Fundamentals
Stephen Sims
Stephen Sims is an Information Security Consultant currently working for Wells Fargo in San Francisco, CA. He has spent the past eight years in San Francisco working for several large financial institutions on Network and Systems Security, Penetration Testing, Exploitation Development, Risk Assessment and Management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a Network Security Engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who holds the GIAC Security Expert (GSE) Certification, and also helps to author and maintain the current version of the exam. He is a SANS Certified Instructor and the course author of SANS’ first and only 700-level course, SEC709, “Developing Exploits for Penetration Testers and Security Resaerchers.” Stephen also holds the CISSP, CISA and Network Offense Professional (NOP) certification, amongst others.- Stephen will be teaching:
- SEC 560.1 Network Penetration Testing: Planning, Scoping, and Recon
- SEC 560.2 Network Penetration Testing: Scanning
- SEC 560.3 Network Penetration Testing: Exploitation
- SEC 560.4 Network Penetration Testing: Password Attacks
- SEC 560.5 Network Penetration Testing: Wireless and Web Apps
- SEC 560.6 Penetration Testing Workshop & Capture the Flag Event
- SEC 709 Developing Exploits for Penetration Testers and Security Researchers
Arrigo Triulzi
Arrigo Triulzi, trained in Pure Mathematics, holds an MSc in Mathematical Computation from Queen Mary, University of London, and is working towards a PhD in Algebraic Computation. He is co-founder and Chief Security Officer of K2 Defender Limited, a bespoke high-end IDS solutions provider. Arrigo is also a free-lance consultant in IT Security with particular expertise in secure network design, network security analysis, and incident handling. He is also the administrator of the IDS Europe mailing list. Having worked with both popular and less common flavours of Unix he is comfortable working in any heterogeneous networking environment and his knowledge also includes esoteric operating systems such as Guardian/NSK. Arrigo is co-inventor in an EU patent for a high-performance distributed IDS design, and has written on a variety of security topics. Recent work includes web research into IDS deployment on IPv6, firewall verification using IDS, and distributed concept virii.- Arrigo will be teaching:
- SEC 504.1 Incident Handling Step-by-Step and Computer Crime Investigation
- SEC 504.2 Computer and Network Hacker Exploits - Part 1
- SEC 504.3 Computer and Network Hacker Exploits - Part 2
- SEC 504.4 Computer and Network Hacker Exploits - Part 3
- SEC 504.5 Computer and Network Hacker Exploits - Part 4
- SEC 504.6 Hacker Tools Workshop
Dr. Johannes Ullrich, Ph.D.
As Chief Research Officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a Ph.D. in Physics from SUNY Albany and is located in Jacksonville FL.- Dr. Johannes will be teaching:
- SEC 503.1 TCP/IP for Intrusion Detection
- SEC 503.2 Network Traffic Analysis Using TCPdump - Part 1
- SEC 503.3 Network Traffic Analysis Using TCPdump - Part 2
- SEC 503.4 Intrusion Detection Snort Style
- SEC 503.5 Security Information Management and Traffic Analysis - Part 1
- SEC 503.6 Security Information Management and Traffic Analysis - Part 2
- SEC 546 IPv6 Essentials