Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.
Mike Ahrendt is the Information Security Officer for Grand Rapids Community College. He has been working in the industry for several years and has a lot of his experience surrounding digital forensics, incident response, and management. He is both GCFE and GCFA certified. He has been blogging for some time at mikeahrendt.blogspot.com. He also wrote Triage-IR which can be utilized to automate the live analysis of suspected compromised machine. Mike's passion for forensics make him eager to interact with anyone who wishes to get into the topic.
Rafael is currently employed as a Pentester and Ethical Hacker at Ernst & Young. In the past, he worked as a technical security consultant for various organizations and the local government (CSIRT-CV and GVA) in Spain. In the last 7 years he gained experience doing Penetration Testing, Incident Handling, Intrusion Detection and securing environments. Rafael is also a member of the GIAC Advisory Board (SANS Proctor) and a Mentor teacher by SANS Institute. He has a five-year degree in Computer Science and currently holds the CNAP, CISA, GCIH, GPEN, GAWN, GCIA, GCFE and GCFA certifications.
Derek Armstrong is an 15+ year veteran of the IT world. He started out as a civilian with the Canadian Armed Forces after receiving his Computer Science degree. Over the years he has moved up the ranks, and involved almost every aspect of IT operations and security. Currently he is a senior information security analyst with the Alberta Health Services specializing in cloud and 3rd party security. He holds the G2700, GCIH, GREM, and CISSP security certifications. Along with a mass of other certifications and courses, he has managed to engage almost every sector of information technology. In addition to his work, he is the current maintainer for the Mozilla Firefox security benchmark from CIS (Center for Internet Security). With his system administration and security background, he is thrilled at being able to pass along some of his knowledge and experience with the Hacker Techniques, Exploits & Incident Handling course from SANS.
Tim has worked in IT for over 9 years, with security as a major focus during his entire career. During his two deployments to Iraq as a U.S. Marine, he maintained 99.999% uptime for the network supporting the Air Combat Element. He was awarded a Navy and Marine Corps achievement medal for his work to improve security and efficiency of the network at Al Taqaddum Air Base. He has been a full time Security Administrator for a Fortune 500 company for the last 5 years supporting over 200 firewalls, and over 10,000 users across five states. He has been featured in an article in GI Jobs magazine: http://www.gijobs.com/cyber-warriors.aspx
Mark started off as a System Administrator for a company, administrating a UNIX network. He moved eventually to full service VAR where he would go to different customer sites installing, configuring and troubleshooting customer related issues. He has a broad view of the industry due to this experience and has applied his knowledge in different environments and industries, from automotive, to law enforcement. He helped to design and build a redundant data center solution across two different states providing the security architecture for it for a Health Care Organization.
Marks drive for knowledge took him in the direction of Intrusion Detection/Prevention, and later to his GCIH in Incident Handling. He was so amazed and humbled by the things being taught by the instructor that he wanted very much to teach others what he had just learned. He attended the SANS at night program to learn how to become a SANS Instructor, and knew at that time, that was the direction he wanted to go.Mark realizes that teaching as a SANS instructor gives him the opportunity to break away from vendor specific security and embrace a much broader view of threats and security related issues outside of just a few vendors viewpoint.
Mark is also a Black Belt instructor and believes, you may be an instructor, but you are always a student. This humbling attitude approach to being an instructor keeps your skills sharp. Helping others to learn helps you to learn.
David Bernal Michelena holds a bachelors degree in Computer Engineering from the National Autonomous University of Mexico (UNAM), he currently holds the position of Senior Computer Forensic Analyst at Scitum since July 2011. His main activities are evidence acquisition, analysis, preservation and results reporting to Scitums clients.
Scitum is one of the largest and most renowned computer security corporations in Mexico and Latin America. It provides several security services to Mexican private and public institutions, including large Banks among other large government clients.
He is a first responder when a client has suffered or is afraid of having suffered a security breach on their computer information systems. In Scitum, he has been able to perform forensic analysis and incident response in large multi-platform enterprise networks.
He is also in charge of maintaining, and improving Scitums forensic laboratory, testing and benchmarking both commercial and open source forensic software as well as forensic hardware devices.
In 2011 and 2012, David thought several information security courses to Scitum staff and trainees. He is also one of the main instructors of computer forensic courses given to clients and internal staff.
In November 2010, David was one of the main instructors in the forensics workshop on LINUX systems at the prestigious local event UNAM security conference. From August 2009 to July 2011 he worked as an incident handler and forensic analyst in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico.
In August 2010, he was one of the winners of Honeynet 5th Forensic Challenge, log mysteries. From May 2011 to July 2011, he gave his first SANS 508 Advanced Computer Forensic and Incident Response course in Mexico.
As an added value, David will include an extra session given by Ivonne Muoz, who is one of the most renowned and experienced information security lawyers in Mexico. This session will give the assistants the required knowledge about the legal issues related to computer forensics in Mexico.
David is Access Data ACE and GCFE certified.
On his free time, he likes to play the piano.
Marcelo enforced Firewall, Intrusion Prevention System (IPS), Demilitarized Zone (DMZ), anti-virus and anti-spam configuration and maintenance. He assisted with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements. He analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place. Audited, verified network security and gave recommendations to improve the network security. Executed wireless evaluations and security auditings. Advised organizations with current information about information security technologies and issues and researched and recommended solutions. Wrote user manuals on security softwares and computer, email and Internet user policy. Developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. Designed and reviewed Windows 2000/XP/Vista/Windows 7 and Linux security architecture.
Marcelo has assisted task forces in lawsuits as technical assistant, acting as a expert witness in civil trails. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing a chain of custody for evidence. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities.
Marcelo has also worked as an associate professor on some colleges training on the following subjects: Law, Investigation and Ethics; Physical Security; Systems Security and Auditing; Networking; Cryptography; Software Engineering; Data Processing Center Administration. He worked as instructor for the Security Fundamentals Course (Presidency of Republic) for over than 10 classes. He was lecturer at the most important Information Security conferences in Brazil.
Finally, Marcelo holds a Masters degree in Computer Science and a Bachelor degree in Information Systems. He also has some certifications, which illustrates his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional) and EnCase Certified Examiner (EnCE).
Jeremy Carriger currently works as an internal Senior Information Security Auditor at a Fortune 500 company. He has also worked as a Information Security consultant at SecureState were he specializing in audit and compliance. Jeremy has both led and participated in dozens of engagements ranging from audit activities including, COBIT general controls, Sarbanes-Oxley (SOX), Payment Card Industry (PCI), ISO 27001; to technical assessments including vulnerability assessments, attack and penetration testing, war-dialing, war-driving, social engineering, and physical access. In addition to Jeremys technical background, his strong understanding of business processes and organizational structure allow him to meet the security needs of the business world. His analytical mind allows him to swiftly comprehends the big picture and executes the boldest of organizational visions. Jeremy is a believes in lifelong learning. He holds a Master of Science, Information Security and Assurance from Western Governors University and a Bachelors of Science, Computer Forensics and Network Security from University of Advancing Technology. Jeremy also is a Certified Information Systems Auditor (CISA) and a past PCI Qualified Security Assessor (QSA).
Rick has eight years in IT with five of those specifically in InfoSec
Rick has an associate degree in Information Technology and a bachelor's in Network Security and Forensics Rick holds the following certifications; CISSP, GISP, MCSA:Security, CCNA:Security, CompTIA A+, Network+, Security+
Rick's current responsibilities include the network security infrastructure for a major health-care system in the Eastern United States Rick also teaches information security courses part-time for one of Knoxville's premiere technical career colleges. Rick is a member of the East Tennessee chapters of InfraGard and the ISSA.
Rick is excited to mentor this course because he loves the information security field and enjoys teaching. "I love to learn and enjoy passing on that knowledge" "I like the feeling of being an instrumental part of helping someone along their career path"
* GSEC: GIAC Security Essentials Certification
* GCIA: GIAC Certified Intrusion Analyst
* GCFW: GIAC Certified Firewall Analyst
* GSPA: GIAC Security Policy and Awareness
* GLDR: GIAC Leadership
* GCPM: GIAC Certified Project Manager
* GWAPT: GIAC Web Application Penetration Tester
* GCUX: GIAC Certified UNIX Security Administrator
Comella is a contributing writer and researcher of, Protecting Your Business from On-line Fraud, currently posted on the SANS website. Comella is also a SANS Mentor.In his professional career, Robert is the Manager of Information Systems and Technology at Saint-Gobain Advanced Ceramics. Saint-Gobain is a worldwide leader in Advanced and Technical Ceramics. Comella is responsible for all aspects of Technology including design, implementation, and oversight of the division-wide network. Comella is also an independent consultant and principal of Gremlins' Computer Solutions (GCS), located near Pittsburgh Pennsylvania. GCS specializes in education and open source solutions. GCS has provided technical expertise to organizations small to large, admin to production.Robert provides keynote speaking to businesses and educational institutions on I.T. security related issues. Please feel free to visit his website at www.gremlinscs.com or his new blog at http://headgremlin.wordpress.com
Michel has been in the security industry for the last decade. He is currently employed as an information security specialist at Bell Canada. In the past, Michel worked as a security instructor as well as a consultant in both the private and public sector for various information security consulting firms. Michel holds several certifications such as CISSP, GCIH, CEH, OPST, ITIL and several others certifications related to various security solutions vendors. He's been collaborating with the SANS Institute for the past several years and also participates in various security events as a speaker and organizer. Michel is passionate about security and enjoys sharing his expertise with the rest of the community.
Michel uvre dans le domaine de la scurit depuis plus d'une dcennie. Il travaille actuellement comme spcialiste en scurit de l'information chez Bell Canada. Dans le pass, il a travaill comme instructeur et consultant en scurit au niveau des secteurs priv et public pour diffrentes firmes en scurit. Michel dtient plusieurs certifications telles que CISSP, GCIH, CEH, OPST, ITIL et plusieurs autres relatives divers manufacturiers de solutions de scurit. Il collabore avec le SANS depuis maintenant plusieurs annes et participe galement divers vnements de scurit titre de confrencier et d'organisateur. Michel est un passionn de scurit et aime partager son expertise avec le reste de la communaut.
Chris is currently a Chief Information Security Officer at Sharecat Solutions, administering the security challenges of a medium sized, multi country business. Along with a lot of security expertise, Chris also has a background in system development and application management. His vast amount of experience within the many different areas of IT has worked as an excellent precursor for his security enthusiasm.
Chris is an open, sharing, and fun person to be around. He is enthusiastic and motivating as well as positive and optimistic. A fun day for Chris is when he is penetration testing, problem solving or discussing program code or network protocols. He is passionate about security, both IT and physical security and his favorite part is web application security.
Inspired by people like Ed Skoudis, Chris is an aspiring security professional. He is driven by mottos like "Magic is just science we don't understand yet" and "Think bad, do good". Chris looks forward to teaching and sharing his experience with his students. You can learn more about Chris via:
Ashley has gained his security experience working for numerous companies including financial institutions, major international engineering firms, software development and power generation (protecting multiple SCADA systems). In addition to the CISSP, CISA and CISM certifications, he holds the prestigious GIAC Security Expert (GSE) certification along with the GIAC GPEN, GCIH, GCIA, GWAPT, GCFA, GSEC certifications.
Ashley is always keen to share his experiences and knowledge to help others develop their skills.
Chris Dixon's career began in 1992 as a mainframe programmer for the United States Marine Corps. He programmed in both ALC and Cobol writing JCL to run the mainframe jobs. He gained a variety of experience with hands on hardware and software installation before becoming a CCNA, CCDA and CCNP while working at a network operations center. Over the next 10 years Chris started working on the pieces in front and behind the routers becoming more familiar with various firewalls, packet filters and proxies. While still working in IT Chris went on to complete both a bachelors and masters degree in business then went on to complete CISSP, GCIA, GCIH, GSEC, GCFW, GCFE, GPEN certifications. Chris will finish his GCUX certification as he prepares to take the GSE exam in November.
Jeremy Druin works as an internal pen-tester, incident responder, and defect-remediation expert for a multi-national transportation logistics company. Other responsibilities include web vulnerability assessment operations, setting application and database security standards, creating developer training programs, and teaching developers how to architect, design and write secure applications. Additionally Jeremy develops the open-source Mutillidae 2.x training environment and consults on web-application security topics. As the Director of Education for the Kentuckiana ISSA chapter, Jeremy presents on web application pen-testing and remediation along with operating the "webpwnized" YouTube video channel. Jeremy has a Bachelor in Computer Science from Indiana University and is a GIAC-certified Network/Web Application Pen-Tester and Exploit Developer.
Mark Elliott has served as an information security professional since 1999 and an information technology professional since taking his first class in computer programming in 1988. He is a retired Army Warrant Officer, having served over 34 years in the Army and the Army National Guard. He has conducted numerous red-team and blue-team assessments and is currently the lead security engineer on a government contract. He holds the CISSP, GCIH, and GCED.
Christopher Emerson is a senior manager with with a Fortune 100 company, leading and running the Application Security team. Additionally, he founded White Oak Security (whiteoaksecurity.com), to provide high-end information security consulting services, helping organizations strengthen their network and application security without disrupting their ability to do business. Christopher has worked in Information Technology for ten years, and focused on Information Security for the last 6. He graduated from the University of St. Thomas with a Bachelors degree in Quantitative Methods and Computer Science. Within the Information Security Industry, he holds numerous certifications, including the Certified Information Systems Security Practitioner (CISSP), Certificate of Cloud Security Knowledge (CCSK), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), GIAC Web Application Penetration Tester (GWAPT), Symantec Certified Professional - Cloud Security (SCP) and the System Security Certified Practitioner (SSCP). When not performing client work, Christopher enjoys researching new and old issues. Some of his work can be found at: http://whiteoaksecurity.com/blog/ http://www.symantec.com/connect/user/christopheremerson Christopher is excited at the opportunity to pair his personal experiences and knowledge with a proven course, SEC542: Web App Penetration Testing and Ethical Hacking, to help prepare the next generation of security professionals.
Ken is a member of the GIAC community and has participated in the GIAC Advisory Board. He currently holds the GSEC certification. The high caliber of the people and information provided by SANS inspired him to participate in the Mentor program. He has a particular interest in seeing information security implemented where it may be needed the most, small and medium enterprises.
Jesse Fernandez currently works as a Senior IS Audit Specialist in the insurance industry. In his role, Fernandez conducts complex information security audits including Payment Card Industry Data Security Standards (PCI DSS) compliance reviews across multiple markets all with different in-scope systems and technical infrastructures. Fernandez has worked closely with various key stakeholders on numerous information security initiatives and is regarded as a PCI DSS Subject Matter Expert within his current organization; managers and executives frequently call Fernandez to discuss PCI DSS matters and obtain his feedback.
These experiences have given Fernandez a first-hand perspective on the value that executives place on information security (when given timely information that is easy-to-understand). Recently, Fernandez worked with the PCI DSS Standards Council as part of a Special Interest Group (SIG) to develop guidance around conducting a PCI DSS risk assessment; Fernandez served in the role of Content-Coordinator during this SIG project to ensure document consistency, technical soundness, and assist in the development of the table of contents. Fernandez holds the GSEC, GCIH, CISSP, and CISA certifications and has over ten years of IT and IT Security experience.
Joseph W. Fisher, President, Affinity IT Security Services firstname.lastname@example.org Mr. Fisher has been providing technical consulting and training since 1993, and has literally trained thousands of students around the world in a wide variety of IT topics in Cybersecurity, Software Development, and Project Management. To combine his passion for IT security with his extensive experience in application development, Mr. Fisher formed Affinity IT Security Services to offer the following services: IT Security Assessments Secure Application Development Consulting Web Application Security Testing A hands-on practitioner, he is equally comfortable dealing with project teams and C-level executives. A dynamic and engaging speaker, in addition to his role as an consultant Joe has spoken on IT Security topics at QCon NY, OWASP NYC, JavaSIG NYC, NJMMA, Morris County Chamber of Commerce, and Regional IIB meetings. Mr. Fisher holds an undergraduate degree in Computer Science from Merrimack College, a Graduate degree in Computer Science from Rensselaer Polytechnic Institute, and an MBA from Fairleigh Dickinson University. He is a former Member of the Technical Staff at AT&T Bell Laboratories. He is an active member in the New Jersey Chapter of the Society for Information Management (SIM) and serves on its Executive Council. He also serves on the Board of the Sturge-Weber Foundation, a non-profit organization funding research and family support for affected families
David Fletcher is the network manager at Selfridge Air National Guard Base in Mount Clemens, MI. Having worked in information technology for the United States Air Force for 20 years, he has extensive experience in information technology and cyber security. Over the course of his career his roles have included network defense and intrusion analysis, network administration, database administration, and web application development. Within the Air Force he has experience supporting the legal, educational, guard/reserve, special operations, and conventional warfighting communities.
David has completed a bachelor's degree in Electrical Engineering through the University of West Florida and is currently enrolled in the Master's of Information Security Engineering program through the SANS Technology Institute. In addition, he is GSEC, GCIA, GCIH, GISP, GAWN, GWAPT, GPEN, and GCFA certified.
Jarrod started on computers in elementary school on a TRS-80, and moved through the years to the Apple II, the Macintosh, and eventually the PC. After working for a couple of years as the unofficial "computer guy" in his department, he transitioned into a full-time IT role in the mid-1990s, eventually working on projects involving wireless networking and PKI cryptography. Since then has held a strong interest in the cat-and-mouse games between attacker and defender. He's worked in a variety of industries, including medical manufacturing, financial, energy, and local government, learning that while every environment is different, no environment is truly unique. For the last few years, he's been involved in security operations at an ACS, Inc., contract at the County of Orange, overseeing a wireless networking deployment and taking a strong role in re-engineering the County's security infrastructure, among many other projects. He holds a GAWN and GCIH, and has no plans to stop with those.
BJ Gleason has been teaching graduate and undergraduate Information Systems and Computer Security classes for almost 30 years. He holds undergraduate degrees in Computer Science, Criminal Justice, Asian Studies, and graduate degrees in Computer Science, Education, as well as an Ed.S in Computer in Education. In addition, Mr. Gleason holds about 40 computer industry certifications from SANS, (ISC)2, ISACA, Microsoft and is a Certified Computer Examiner from the International Society of Forensic Computer Examiners. He is currently teaching for the University of Maryland University College in Seoul, Korea, since 1995, and has been working as System and Security administrator for Group W under contract with the US Military since 1999. He was the lead author of the user manual of Drew Faheys Helix Forensic CD. Mr. Gleason is looking forward to being Mentor for SANS as he will be able to give back to the security community that has given him so many opportunities and learning experiences.
After serving the country in the United States Navy for 8 years, Charles (Chip) Greene began his career in Information Technology. Over the next 18 years, Chip has held positions in Support, Design, Research and Development, Education, Disaster Recovery, and most recently in Information Security. As a Senior Information Security Analyst, Chip leads the Identity and Access Management Team at Virginia Commonwealth University Health Systems. Chip has received a Bachelor's Degree in Information Systems from Virginia Commonwealth University, and a Master's Degree in Disaster Sciences from the University of Richmond. He currently holds a GIAC Security Leadership Certification and previously held the Cisco Certified Security Professional certification. Mr. Greene was also honored with an Outstanding Educational Performance Award from the University of Richmond upon graduation from his Masters program. Education and training are extremely important to ones career and Chip believes that it is important for everyone to take advantage of the opportunities presented to them. The SANS Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from each others experiences and knowledge.
Ron is a retired US Air Force officer with almost 20 years experience in various areas of IT, from software development to system administration to security and Cyber Command and Control. Ron analyzed and developed security orders for the Air Force network, and is adept at breking down technical security issues for senior leaders and lay people. Ron also was an accomplished security instructor for the Air Force, teaching over 30 security classes to Air Force officers, enlisted and civilians. Ron is looking forward to sharing his experiences with students in the Houston Metro Area.
Michael, a Sr. Security Consultant at True Digital Security in Tulsa, OK, has been in IT for 15 years, with over twelve years of experience developing, implementing, and managing information assurance and security programs for Fortune 500 companies in many industries, including financial services, healthcare, telecom, software, manufacturing, retail, and education as well as state and federal government agencies. Michael's particular area of expertise is in intrusion detection and prevention systems. He is currently pursuing his Ph.D. at the University of Tulsa, where his research is focused on advanced network security monitoring techniques, big data visualization, and situation awareness. He maintains the CISSP, GSEC, GCIA, GCIH, GCFA, and QSA certifications.
Matthew J. Harmon brings two decades of security industry knowledge, international standards development experience, penetration testing and incident response and a deep understanding of underlying technologies to his sessions. Having consulted for many fortune, government, and not-for-profit organizations, Matthew is familiar with the day-to-day challenges of businesses today. Mr. Harmon is the owner, security researcher and consultant for IT Risk Limited based out of Minneapolis, Minnesota and frequently presents at conferences and for security associations.
James Harris got his first job in information security at the age of 15, as the administrator of a BTI-4000 mainframe for his high school in Durham, NC, and at age 16 added a second part-time job assembling and testing computers at a small PC integrator called Dramen Computers.
After earning his degree in Physics from North Carolina State University in 1994, Jim went to work at IBM as a hardware engineer for the PC Company, specializing in the design of computer graphics and video systems. Jim was one of the founders of the Digital Display Working Group, and helped author the DVI specification. In 2000, Jims work on DVI led to a job as a Senior Field Applications Engineer with Silicon Image in, a semiconductor company specializing in high speed serial digital interface chips, where he worked helping to design Silicon Image parts into digital video and high-speed storage systems.
After the tragic events of 9/11, Jim decided to go to work as an FBI Special Agent. His first field office assignment was in the Sacramento, CA field office, where he worked mostly cybercrime matters, specializing in Internet Crimes Against Children. Jim worked heavily in Computer Forensics as a member of the FBI CART team, earning his Encase Certified Examiner status in 2007. In 2009, Jim became the supervisor of the Cyber Squad in Sacramento, as well as the Commander of the Federal Cyber Crime Task Force there. Jim earned his ISC^2 CISSP certification that same year. In 2010, Jim was selected to a supervisory position at FBI Headquarters Cyber Division, and served in a number of positions, including as the Senior Liaison Officer to the United States Computer Emergency Readiness Team (US-CERT). In 2012, Jim earned his GSEC certification, and later that same year became the Assistant Section Chief of the FBI's Counterterrorism Internet Operations Section.
Jim left the FBI in 2013 to go to work for Obsidian Analysis, A Washington, DC-based professional services firm providing analytical and policy consulting for homeland security, national security, and intelligence decision makers. As the Senior Specialist for Cybersecurity, Jim advises clients on policy and preparedness in Cybersecurity. Jim's enjoys hearing himself speak, and can't wait to teach others!
For the previous decade, up until July 2011, he helped to build a start-up company called Visonex into a profitable, nation-wide dialysis-specific electronic medical record using a software-as-a-service (SaaS) business model. In addition to managing the inception and delivery of multiple product innovations, Ken was responsible for all aspects of assuring the security and privacy of both the internal IT systems and the companys SaaS offerings.Prior to coming to Visonex, Ken worked as a corporate Electrical Systems Manager for Kraft Foods where he installed PLCs and SCADA systems and helped to secure the plant floor.
Ken holds a BS Electrical Engineering from Michigan Technological University and has earned the CISSP, as well as the GIAC GISP and GSEC security certifications. He is also a Certified Professional in Healthcare Information Management Systems (CPHMIS)
Mr. Hoffman has been working in the information field for over 15 years supporting federal government, commercial and internal customers in their searches to discover and quantify information security weaknesses within their organizations. He holds many industry-recognized certifications such as SANS's GAWN, GWAPT and GPEN as well as the CEH and CISSP and has many years of hands-on, real-world penetration testing experience that he brings to each of his teaching engagements.
Chris is the Director of Enterprise Security Services for Continuum Worldwide. Chris has experience working across multiple industries in the areas of penetration testing, regulatory compliance, intrusion detection, and program assessments. He holds a MBA, a Masters Degree in MIS with an emphasis in Information Assurance from the Peter Kiewit Institute at the University of Nebraska-Omaha and is a SANS Institute mentor. In addition, he holds the CISSP, CISA, GSE, GCIA Gold, GSEC, GCIH, GCWN, GCFA, GWAPT, GPEN, GXPN, Splunk Certified Architect, and PCI QSA certifications.
Mike has eighteen years experience in the control system industry, in system design and delivery. Mike earned his Bachelor of Science in Electrical Engineering from Case Western Reserve University in Cleveland OH. Mike has earned his GSEC and GCIH certifications and considers information security to be an exciting area to grow in.
Cliff's professional career started 18+ years ago as a help desk analyst supporting mainframes and dial-up internet. He progressed through desktop support, desktop management and server administration and joined the security team in late 2008. The wide diversity of topics in security has Cliff thirsting for knowledge like he was a teenager again.
Cliff currently holds CISSP, GPEN, GWAPT, OSCP, MCSA 2000/2003 and Security+ certifications.
Occasionally (read rarely), Cliff will add something mildly informative to infosecandotherstuff.blogspot.com.
Ben S. Knowles, BBST, CISSP, GSEC, GCIH, GCIA, LPIC-1 (adric) is a technologist and researcher in the Atlanta, Georgia, USA area. In high school, he competed at the national level in Constitutional Law. He has been a professional computer security consultant, technical trainer, and system integrator and is currently certified as a black box software tester, internet security professional, incident handler and analyst, and Linux system administrator.
Ben has lectured lower division Mass Communications, Political Science, and Computer Technology classes on Digital Media and Intellectual Property Law and has taught basic computer repair, networking, and information security classes. Currently he is a security system administrator on the incident response team at the Atlanta office of a global IT services firm.
Anthony should be the first Hong Konger publishing GREM gold paper and speaking in Blackhat USA 2010, DEFCON 18, DEFCON 19 as well as Hack-In-Taiwan and has set up a security research group called VXRL (www.vxrl.org) in HK, which connects various hackers and security researchers in the planet and co-found Xecure Lab (www.xecure-lab.com) on APT research and detection service. Frankie and Anthony as well as another VX fellow, DDL, has published a case studies paper about APT case studies accepted by IEEE Malware 2011 conference.
He is the chairman of OWASP (HK Chapter), program committee of PISA, extended committee member in HTCIA (Asia Pacific Chapter) and actively provided various technical seminar sessions to the practitioners in Hong Kong.
Other certified as GREM (Gold), he is also GCFA and GWAPT holder.
James Leyte-Vidal is a Florida-based Manager of Security and Compliance in an Internet-facing division of a Fortune 100 company. James has worked in IT for over 10 years and has extensive experience with securing both internal and externally facing applications, security incident handling, helping developers understand security requirements, and auditing of internal and external facing systems.
James holds the GCIH, GPEN, GWAPT, GAWN, GISP, CISSP, MCSE, and CISA certifications and degrees in IT and Psychology. James was also a finalist in the ISC(2) 2012 North America Information Security Leadership Awards. He provides Security and Compliance awareness training within his own company as well as training in Problem Solving and Decision making methodologies from an external vendor. James is excited to train SANS content to others because of the positive impact they have on the security community and the assistance they provide in helping us all protect our information assets.
Frankie is an independent researcher specializing in computer forensics, malware analysis and exploits. He is a security researcher of Valkyrie-X Security Research Group (www.vxrl.org), member of Information Security and Forensics Society (www.ISFS.org.hk), Professional Internet Security Association (www.PISA.org.hk), International High Technology Crime Investigation Association (HTCIA) - Asia Pacific Chapter (http://htcia.asia) and The Honeynet Project - Hong Kong Chapter. He is also a part-time lecturer of Digital Forensics classes offered by HKU SPACE. Frankie holds a master degree in ECom/IComp from The University of Hong Kong. He also holds several industry destinations, including Certified Information Systems Security Professional (CISSP), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA) and GIAC Reverse Engineering Malware (GREM).
Eric Lorenz is a graduate of the University of Michigan-Flint with a dual major baccalaureate in Computer Science and Psychology. He has over 18 years experience in Information Technology, having acted as a systems & network administrator, web developer, and postmaster among other duties. He is currently the Director of Infrastructure & Security in Information Technology at Central Michigan University and chairs the university's Security Incident Response Team. Mr. Lorenz's areas of expertise include heterogeneous system administration in AIX, Linux, OS X and various flavors of Windows. He is also proficient in directory services administration, infrastructure planning, and intrusion detection analysis. He is currently a GIAC-Certified Forensic Analyst (GCFA), Incident Handler (GCIH) and Reverse Engineering Malware (GREM). He is a passionate advocate for information security and enjoys the interactions that come with teaching.
Currently, he is part of a team that architects, implements, supports and manages a wide variety of network security solutions while also working with other groups on a range of other activities such as incident response and electronic investigation.
Stephen says, "I have had the good fortune to see the IT and security worlds from a variety of perspectives. I have experienced the challenges of security practice on both a very small and very large scale. I very much enjoy technology and love getting my fingers into everything. Mentoring the material will help to keep it fresh in my mind and I expect that I will be able to learn some things from students as well." He looks forward to the personal networking that will also occur within this class.
He currently holds several GIAC certifications
Price has been in the IT industry for the last decade and has focused on Information Security for the past 5 years. He has worked in both the private sector and as a consultant. He is currently a Sr. Information Security Officer for a leading public safety company. His experience includes network engineering, incident response, intrusion analysis, vulnerability assessments and penetration testing. Price currently holds several certifications such as GSEC, GWAPT, GPEN, GXPN, CICP as well as a degree in Information Systems from DeVry University.
Paul has a passion for teaching and training new cyberwarriors in the never ending arms race against malicious network intrusions.
Paul currently holds the following industry certifications:
On learning hacking techniques to better know how to defend against them;
Know thy self, know thy enemy. A thousand battles, a thousand victories. Sun Tzu
Patrick has worked in various aspects of security and computer fields since 1995 in public and private sector environments. He has an undergraduate degree in Computer Engineering Technology, a graduate degree in Information Assurance and a second graduate degree in Computer Science. In a previous life Patrick worked as a locksmith and first line technician for a company responsible for servicing bank automated teller machines (ATM) in the Baltimore/Washington DC corridor. Patrick holds the GIAC GPEN, GCIA, GCIH, GCWN, and GCFA certifications.
Chuck Morris has been a member of the SC Upstate IT Community since 1983. As a member of the leading edge of the business microcomputer revolution he pioneered many of the business processes in common use today. Working primarily in the Aerospace, Automotive, Banking and Electronic Gaming industries he has served in both internal and external roles. One internal role was as MIS Manager for Greer State Bank, which received a rating of 1 (the highest possible score) on an FDIC conducted Electronic Data Processing Audit during his tenure. Mr. Morris has been involved in security issues from the very beginning of his career. His first interaction with a hacker was in 1983. The hacker was trying to use a 300 baud dial up modem to steal a clients customer database from a Kaypro bulletin board system. Since then the systems have grown (multi-continent) and become more complicated, but the challenge remains keeping the clients data safe, while ensuring that they have the flexibility to get the job done. Time spent consulting for Flour Daniel and Michelin, as well as a four (4) year contract as Manager of Information Protection for BMW - Plant Spartanburg expanded his scope into the International arena. But I prefer to stay in Greenville. A graduate of Furman University, Mr. Morris is a firm believer that life long learning leads to true professionalism. He was among the first in the United States to earn a certification from Novell, and has been certified by the SANS Institute since 2004. Now a free lance consultant, Mr. Morris considers himself a fixer. It is amazing how many IT problems are Security related. Even when there is no external threat, solid security practices implemented properly, can solve most of the IT problems businesses face today.
Lorenza D Mosley is an IT professional with more than 19 years of experience at various levels of Telecommunications and Computer Network administration. Lorenza has sent the last 10 year as an Information Assurance Manager and Computer Network Defense Technician for the U S Army; where he was responsible for implementing and evaluating security technologies and policies at various military installations, worldwide. He has a Bachelors of Science in Computer Studies from the University of Maryland, College Park, and is currently pursuing a Masters in Cyber Systems and Operations. Additionally, Lorenza holds the CISSP, GCIA, GCIH, GPEN, GSNA, GCWN, GCFA, and several other industry certifications. He looks forward to sharing his knowledge and experience while helping other achieve their goals and advance their carees.
Joel Offenberg works for Vantage Systems, Inc. as a Senior Security Engineer for the Joint Polar Satellite System at NASA's Goddard Space Flight Center. He is also Vantage Systems' Chief Information Security Officer and is a member of the business development team. His current job focus is IT security planning, continuous monitoring and security critical operational systems. Joel has worked as a contractor at NASA's Goddard Space Flight Center since 1991.
Joel holds a B.A. in Physics, an M.S. in Computer Science and CISSP, PMP, GSNA and GSEC certifications. He is a founding member of Information Assurance @ Goddard seminar series, where he is also an occasional speaker.
Joel always enjoys participating in SANS as a learner and is excited to be have the opportunity to share his experience.
In his spare time, Patrick enjoys amateur radio (he holds an amateur extra class license), electronics, bowling, sailing, and photography. He is also a Debian Developer with the Debian Project.
Patrick earned a B.S. degree in Physics from the University of Toledo, and has pursued graduate studies in Astronomy and Theology.
Patrick is excited to be mentoring for SANS because mentoring provides an opportunity develop a one on one relationship with the students as they learn the material and how it applies to their environment.
Mike Pilkington is a Senior Security Consultant for a Fortune 500 company in the oil & gas industry. He has been an IT professional since graduating in 1996 from the University of Texas with a B.S. in Mechanical Engineering. Since joining his company in 1997, he has been involved in software quality assurance, systems administration, network administration, and information security. Outside of his normal work schedule, Mike has also been involved with the SANS Institute as a mentor and instructor in the digital forensics program.
Listen to Mike discuss Protecting Privileged Domain Accounts during Live Response in this highly rated SANS webcast that every DFIR professional should listen to.
Ricardo is currently the Chief Operating Officer for a Brazilian company specialized in Information Technology Management and Information Security Management, dealing with the challenges of quality assurance for projects; the continuity of operations for customers and seeking new technologies, which add value to the overall business. With over 15 years of experience in Information Technology and Information Security, he has been responsible for the management and implementation of projects across a wide range of areas in Governance, Strategic Planning and Services Management of Technology and Information Security for companies such as Hewlett Packard, AT&T Latin America, TELMEX and other leaders in the Brazilian and international markets.
Graduated with a bachelors degree in Information Systems and MBA in Information Technology Management, Ricardo has extensive experience in incident analysis, computer forensics and penetration tests. Currently, he holds GPEN, GIHC, CISM, CRISC, MCSE, CCNA, ITIL, ISMAS, and HDI Manager Certifications. He enjoys PYTHON programming in his spare time and is working as an associate professor in the postgraduate program in Information Security Management and Computing Forensics at FIT College in Sao Paulo and as an instructor for official ISACA training programs at Daryus Training Center. An enthusiast of new market trends and matters related to Information Technology Management and Information Security, Ricardo enjoys learning and passing his knowledge on to help others develop their skills.
Rex is an experienced IT and electrical engineering professional with more than 25 years of technical experience, and has spent nearly 30 years working and playing with computers - designing them, programming them, supporting them, networking them and securing them. In addition, he has spent much of the last 20 years managing and coordinating technical projects. He currently operates an IT consulting business. In addition to his bachelor's degree in electrical engineering, Rex was among the earliest to earn GIAC certification in security essentials, and was a longtime member of the public speaking organization Toastmasters International. He is an experienced SANS mentor, and has consistently earned rave reviews from his students. Besides his work with SANS, Rex has taught technical concepts to people of all levels of technical literacy, as well as photography, radio theory to the blind, and guitar. Whether teaching, mentoring or managing projects, Rex most enjoys getting people together to help them achieve a common understanding.
Erich has been involved in starting and running security user groups, and enjoys the challenges that come from such situations, and see's the SANS courses as a great way for people and learn and is committed to helping with that.
Magnus has worked in the IT-industry since 1998. He holds an MSc in Computer Science from KTH, Stockholm. In 2000, Magnus co-founded Secode (http://www.secode.com), a leading provider of Managed Security Services in Northern Europe. At Secode, Magnus was one of the architects of the company's MSS offering. After leaving Secode in 2005, Magnus went on to work for the Swedish Intelligence at FRA. At FRA Magnus performed Penetration Testing, IT Forensics, Data Recovery and Network Security. He has also been responsible for delivering public demonstrations of live penetration testing. His current position is Production Lead within the area of Network Security. Magnus holds several certifications: GSEC, GREM, GCFA, GCIA, GCIH, GPEN and CISSP. Always seeking to expand his knowledge, Magnus is also very excited to help you expand yours.
Matt's experience in the industry started at the bottom rung as a high school student hacking the email server via telnet and spoofing emails. During high school he picked up a job as a computer salesmen doing IT work on the side for neighborhood clients. After high school he went to Pennsylvania Institute of Technology and obtained his associate's degree in computers and communication technology. The coursework revolved around the Cisco CCNA curriculum. After obtaining his associate's he attended Drexel University receiving his bachelor's in information technology. Throughout college Matt was apart of a small consulting company supplying IT work for charter schools in the Philadelphia area. After Drexel Matt accepted a job at Philadelphia Gas Works starting as an entry level security analyst. At the gas company Matt oversees compliance management, network configuration audits, vulnerability scans, network IPS, anti-virus suite and incident handling. Currently at PGW, Matt got his CCNA and CCNA Security certification. Matt recently passed his GSEC certification. In conjunction with day to day security operations at the gas company, Matt also handles incidents for a consulting company in charge of one hundred and fifty plus clients. Matt is excited to become a SANS mentor because he sees it as an opportunity to share his experience in different IT business styles to other security professionals in those same areas.
Anuj has a passion for incident response, forensics and malware analysis, and he's very excited to meet others who are interested in learning about these areas. He loves sharing what he knows and learning from others, so he's looking forward to the mentoring experience!
Ed Steele has more than 10 years experience focusing on information security and systems management. He has taken leading technical roles with information security projects in banking, government and education; providing expertise with the design and implementation of multi-million dollar local and wide area networks, highly available mission critical data processing centers, vulnerability and risk assessments, threat intelligence, compliance, integration and life cycle management. In Eds current role as a principal security engineer he manages a vulnerability assessment project and provides advanced technical expertise supporting enterprise information security initiatives for a federal government organization. He is keenly familiar with the unique challenges presented by information security in diverse fast paced environments and enjoys using his creativity to deliver complex, cost effective solutions to meet demanding business requirements. Ed has earned a Bachelor of Science Information Technology degree with a concentration in information security/network administration from George Mason University and currently holds the following professional level certifications: CISSP, GCED, GSEC, CCSP, CCNP-Security, CCDA, CCNA, CCNA-Voice, CS-CIPSS, AFOT & A+ Enhanced.
Gerald Steere is a penetration tester with Cyber Security Professionals, Inc. He has over fifteen years professional experience in information technology, with the last 7 years focused on information security and pen testing in the Federal sector. As a prior auditor for two different IGs, he has substantial insight into the way audits work from both sides. Gerald wants to provide his experiences to the next generation of security professionals and enjoys making others as security paranoid as he is. He holds degrees in Electronics Engineering Technology and Computer Information systems and posses multiple certifications including the GXPN, GPEN, OSCP, and CISSP.
Tai has this unquenchable curiosity about how things work and numerous toys and gadgets will attest to this. Putting them together again is a different matter. When he first learned how easy it was to send emails as Santa Claus, over 20 years ago, he was struck by two epiphanies: security is critical; and he can get paid to do it! Always considered a Subject Matter Expert on security at the large enterprises and Fortune 100 companies that he worked at.
He has dedicated over 20 years to Information Security, from reading RFCs to actively performing penetration tests to designing and managing policies and Information Security programs, educating auditors and mentoring staff.
Until proven wrong, he is the mentor that has the oldest SANS t-shirt from 1996.
Larry Thompson is a seasoned IT professional with over 15 years experience and a strong background in Information Security and Systems Management. He has been an Infomation Systems Security Engineer as a contractor to the Federal Government for the past 6 years focusing on Risk Assessments and Certification and Accreditation. Prior to that, he was part of the security team responsible for the protection of healthcare systems and patient information under HIPPA regulations. He has also worked as a security and system engineer for a major Virtual Private Networking (VPN) manufacturer developing both commercial and federal government grade encryption products. Larry currently holds a Bachelor of Science in Computer Networking as well as CISSP-ISSEP, GSEC, CRISC, and CEH certifications.
Shawna has been doing software for 15+ years, often in the security space, working with and for many large names such as McAfee, Business Objects, SAP, Microsoft, Tripwire and Nike. She's achieved certifications in Pragmatic Marketing, Project Management Professional, is a Certified Scrum Master, a CISSP holder and has worked in all aspects of software creation. She's super excited to help tomorrow's leaders shape our security future.
Andres Velazquez, President and Digital Investigations Director of MaTTica; the first computer forensics private Lab dedicated to the investigation of cybercrime in Latin America.
He has more than 30 international certifications in the area including: Certified Information Systems Security Professional (CISSP), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensics Examiner (GCFE), AccessData Certified Examiner (ACE) and NSA INFOSEC Evaluation Methodology (IEM) by the NSA in the US.
He trains and gives advice to different law enforcement agencies in Latin America including INTERPOL and UN.
Member of the High Technology International Association (HTCIA) , Latin American Fraud and Financial Crimes Investigation Association (ALIFC), Internet Society (Mexico Chapter) and the Latin American Information Security Professionals Association (ALAPSI) where he has part of the board from 2005 to 2007. He also was a member of the Cybercrime Combat Group part of the Federal Police in Mexico and member of the Network Information Center (NIC) Mexico Consulting Committee.
He has done all kind of training in Universities, Law Enforcement Units and Organizations.
Sol Warnock has worked in the IT Security field for the past 18 years. He has a broad range of experience with intrusion detection technologies, wireless security, and incident response methodologies. Sol has performed network security configuration and analysis for Government and private industries. He currently serves as an instructor/course writer at the US Army Cyber Leader College. Sol holds many commercial certifications including CISSP, CWNA, MCSE, GCIA, GCIH, GPEN, GCFA, GSNA, GCWN, and GSEC.
William started in the IT field in 2006 working on switching systems and multiplexers. From there, he prospered in the IT community when he decided to take his expertise to the military community; he worked with the Military in setting up deployable communications networks that supported thousands of deployed troops in many austere and complex environments. He was one of the first in the military to pioneer the use of WIFI Solutions in the deployed environment and designed a deployable fly-away kit that would eventually lead to the implementation of WIFI solutions for all tactical deployable communications teams. From there, he took his networking and security prowess one step further and became a Network Warfare Curriculum Developer for the Military's only cyber warfare training unit. He develops curriculum that trains over 400 persons a year in various aspects of network security, hacker methodology, concepts, and techniques. He leads the small team of selected individuals who are in charge of training students on GSEC and GCIH to ensure they not only meet SANS requirements but also the government standards. He deploys the latest in hacker trends in lab environments, and then trains personnel on how to protect against them and utilize them in an offensive mindset. His drive for excellence in the security community has led him to want to pass along his skills and knowledge to the up-and-coming security professions so that they can succeed as well. To this end, he is very excited about being a SANS mentor, and hopefully be a SANS instructor someday.
Jeff has over 12 years in Information Technology. He enjoys Infosec and looks for every opportunity to both learn and train others on new techniques as they come to his attention. Jeff holds 9 industry certifications including the giac GCIH and GPEN. In his spare time Jeff enjoy building test networks and spending time with his wife and 2 kids. Jeff looks forward to sharing the exciting world of Incident Handling with each and everyone of you :-)
Shunda joined in Intel in 2007, worked for validation and security validation, is mainly responsible for penetration test, fuzz test, production security feature validation, secure code review. Before working in Intel, Shunda worked in ZTE (a telecommunication company in China). Shunda owned Master degree of computer architecture in Huazhong University of Science and Technology. Shunda also had Bachelor degree of computer science in Huzhong University of Sinence and Technology and another Bachelor degree of material science and technology in Wuhan University of Science and Technology. Shunda has finished SANS560 training in 2011 and SANS660 training in 2012, passed GXPN cert with scores of 89.33%. Shunda applied this mentor program because he wants to help more colleagues in his group to be security experts.