Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.
Rafael is currently employed as a Pentester and Ethical Hacker at Ernst & Young. In the past, he worked as a technical security consultant for various organizations and the local government (CSIRT-CV and GVA) in Spain. In the last 7 years he gained experience doing Penetration Testing, Incident Handling, Intrusion Detection and securing environments. Rafael is also a member of the GIAC Advisory Board (SANS Proctor) and a Mentor teacher for the SANS Institute. He has a five-year degree in Computer Science and currently holds the CNAP, CISA, GCIH, GPEN, GAWN, GCIA, GCFE and GCFA certifications.
David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since July 2013, he has been a member of the Security Events team at Alstom, a world-leading company in energy and transport solutions. Alstom has a huge network, formed by about 80,000 hosts and servers distributed worldwide. He was attracted by the challenge of defending such a large network, having the opportunity to use and enhance Alstom's cutting-edge technologies and applying his forensic abilities to bring value to the team. His main activities are incident response, security patching management, malware analysis and remediation, forensic analysis, IPS/IDS and correlation management and optimization.
He formerly served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's clients. At Scitum he had the opportunity to work on challenging projects for Mexican private and public institutions, including large banks and other large government clients.
In November 2010, David was one of the main instructors in the forensics workshop on LINUX systems at the prestigious local event UNAM security conference. From August 2009 to July 2011 he worked as an incident handler and forensic analyst in the UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico.
In August 2010, he was one of the winners of Honeynet 5th Forensic Challenge, log mysteries. In 2011 he gave his first SANS 508 Advanced Computer Forensic and Incident Response course in Mexico, and in 2013 he gave his second course. He loves teaching, especially InfoSec courses.
David is GCFA, GCFE and Access Data certified. He also likes programming in several languages and is a command line lover in LINUX and Windows as well.
In his free time, he likes to play the piano.
Doc Blackburn has 16 years of professional, and over 30 years of personal, experience in system and software design, server and network administration and website programming. His interest in computers started in 1982 when he first started programming in DOS on a Texas Instruments TI-99 4a and continued as a dedicated computer hobbyist until he decided to make information technology a full-time career. He ran a successful IT consulting, hosting, and design firm for 12 years until he found his passion was in systems security and compliance. His well-rounded experience includes hardware, software, network design, management, administration, systems security, and compliance. He has vast experience at various levels of information technology from support to management. Recently, he has been heavily involved in the technical design and implementation of NIH approved FISMA compliant information systems. He holds ITIL, CISSP, and GIAC GSEC, GPEN, and GSLC certifications along with a Bachelor's degree from the University of Arizona. He is currently the Security Administrator for the University of Colorado Denver.
"In my professional career I have recruited, hired, trained, and mentored many highly technical individuals to excel in their professional development and am excited to do the same as a SANS instructor. I have a blog at http://docblackburn.blogspot.com explaining cyber-security to non-technical users in language and terms they can understand."
Duane is a well-rounded professional with over six years' experience in security, including cryptography, two-factor authentication, U.S. border security planning, threat entity resolution, social engineering, and non-destructive entry. Duane holds an AAS in electronic engineering, a BA in foreign languages, and an MA in linguistics. He is a CISSP and GPEN, and is working toward the GSE and OSCP. He has two patents pending and continues to pursue research professionally and independently. Ever the thrill seeker, Duane spends his free time mountain biking, kayaking, and guiding whitewater rafters. He has lived in China and Mongolia and eaten more types of protein than many people can name. He is very excited to be mentoring SEC 560 as it contains the highest volume of hands-on material of all the SANS courses, and offers something for everyone. He loves technology and teaching, and especially loves combining the two. You can keep up with Duane at FooLionInfoSec.com and @FooLionInfoSec.
Over the course of Serge's 10+ years as a security professional he has had the opportunity to work for various organizations and clients on all sorts of initiatives, ranging from implementing transparent biometric user authentication in online banking applications to dumpster diving and penetration testing. Serge earned his Bachelor of Science degree in Electronic Business Management and a Master of Science degree in Computer Systems Security prior to earning the CISSP and three SANS certifications: GPEN, GCFA and GWAPT. Prior to his current role, Serge was responsible for application security, fraud prevention, audit compliance, vulnerability assessing, security awareness and the like in an electronic banking environment encompassing hundreds of servers, thousands of websites and over one million unique end users.
Dan Bougere has over ten years of experience in the information technology field. He currently works for ManTech International, Inc. as a Principal Security Engineer in the MCIS division for a customer in Northern Virginia. He has also been a Network Vulnerability Analyst at the NSA and an Intrusion Detection Analyst for Secure Mission Solutions on contract to the High Performance Computer Modernization Office's DREN/SDREN network. Dan holds a B.S. in Software Engineering Technology from the University of Southern Mississippi, an M.S. in Information Assurance from Capitol College, and an M.S. in Technology Studies from Eastern Michigan University. He also holds the CISSP, GCIH, GCIA and multiple other industry certifications. He is also currently pursuing the GSE certification. Dan enjoys being a computer geek, and loves spending hours talking and geeking out with like-minded individuals. He has done various informal and formalized training sessions, and takes pride in making sure that he keeps his students/attendees interested and involved in the subject matter. There are aspects of computer security that can be exciting for anyone, and he makes sure that carries over to his training. http://www.linkedin.com/in/dbougere/
Justin Bowen is currently working at SCL Health Systems as the Lead Incident Response and Digital Forensics expert. Among these duties, he is expanding his Information Security Knowledge with practice in Penetration Testing. Justin started his journey in the world of Information Security after spending 3 years as a system administrator in the field. He is passionate about Information Security as a whole, and continues to keep himself up-to-date with the latest technology and advancements in IT security.
Marcelo enforced Firewall, Intrusion Prevention System (IPS), Demilitarized Zone (DMZ), anti-virus and anti-spam configuration and maintenance. He assisted with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements. He analyzed and documented information security incidents as well as the circumstances enabling or permitting these same incidents to take place. He audited and verified network security and gave recommendations to improve it. He executed wireless evaluations and security audits. He advised organizations with current information about information security technologies and issues, and researched and recommended solutions. He wrote user manuals on security software and computer, email and Internet user policy. He developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. He designed and reviewed Windows 2000/XP/Vista/Windows 7 and Linux security architecture.
Marcelo has assisted task forces in lawsuits as a technical assistant, acting as an expert witness in civil trials. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing a chain of custody for evidence. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities.
Marcelo has also worked as an associate professor at some colleges, teaching the following subjects: Law, Investigation and Ethics; Physical Security; Systems Security and Auditing; Networking; Cryptography; Software Engineering; Data Processing Center Administration. He worked as an instructor for the Security Fundamentals Course (Presidency of Republic) for more than 10 classes. He was a lecturer at the most important Information Security conferences in Brazil.
Finally, Marcelo holds a Master's degree in Computer Science and a Bachelor's degree in Information Systems. He also has some certifications, which illustrate his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional) and EnCase Certified Examiner (EnCE).
Smita Carneiro has been working in the IT industry for a long time. After getting an engineering degree, she worked for a company that specialized in Novell LANs. She became certified in Novell and then transitioned to Windows, getting her MCSE starting with NT 4.0 and working up to 2003. She became interested in application packaging and SMS and spent more than 10 years with SMS/SCCM. Along the way she obtained GIAC certification. She now works as an Active Directory Systems Engineer for Purdue University and also holds the GCWN certification. She learnt a lot doing both SANS courses and wants to help others get interested in and learn more about security. http://www.linkedin.com/pub/smita-carneiro/7/4a3/64b/
Rick has ten years in IT with six of those explicitly dedicated to InfoSec.
Rick has an associate degree in Information Technology and a bachelor's in Network Security and Forensics. Rick holds the following certifications: CISSP, GISP, MCSA:Security, CCNA:Security, CompTIA A+, Network+, Security+.
Rick's InfoSec experience includes the network security infrastructure for a major health-care system in the Eastern United States, and more recently the security infrastructure for an energy company with operations in refining, logistics, and convenience store retailing.
Rick has also taught information security courses for two technical colleges in the Knoxville, TN area, one of which is an NSA National Center of Academic Excellence in Information Assurance Education. Rick is a member of InfraGard and the ISSA.
Rick is excited to mentor this course because he loves the information security field and enjoys teaching. "I love to learn and enjoy passing on that knowledge." "I like the feeling of helping someone along their career path."
Not only has Mr. Corll worked in many different environments, but he has worked in many roles, both internal and external. He has been the auditor who validates processes and ensures compliance as well as being the internal security engineer who implements policies and makes changes necessary for that compliance.
Recently Mr. Corll was able to participate in the information security group at a Fortune 500 company and own five processes that were required for ISO 27001 certification. Thanks to his dedication in working with the auditing and compliance group, and his work with the external auditors, his company was awarded that certification.
To validate his knowledge, Mr. Corll has also obtained multiple security-related IT certifications. These include CISSP, SANS GCFA, and GSNA. Former certifications include Solaris SCSA, CheckPoint CCSE, Cisco CCNA, and MCSE+I. By having multiple SANS certifications, Mr. Corll is able to reference the differing classes and make recommendations to students about attending the other courses if they want in-depth training in that area.
Chris is currently a Chief Information Security Officer at Sharecat Solutions, administering the security challenges of a medium-sized, multi-country business. Along with a lot of security expertise, Chris also has a background in system development and application management. His vast amount of experience within the many different areas of IT has worked as an excellent precursor for his security enthusiasm.
Chris is an open, sharing, and fun person to be around. He is enthusiastic and motivating as well as positive and optimistic. A fun day for Chris is when he is penetration testing, problem solving or discussing program code or network protocols. He is passionate about security, both IT and physical security, and his favorite part is web application security.
Inspired by people like Ed Skoudis, Chris is an aspiring security professional. He is driven by mottos like "Magic is just science we don't understand yet" and "Think bad, do good". Chris looks forward to teaching and sharing his experience with his students. You can learn more about Chris via:
Wayne has been in the IT and information security industry for 14 years building networks and developing security programs. He has worked for a number of banks, a credit union, a national laboratory and a major lender in his home state. These positions have ranged from him being the IT department to working in an organization of 12,000. He has seen the wide range of needs, budget, and attitudes that IT must work with each day. This experience in the financial and defense industries makes him no stranger to regulation and solving problems in very creative ways. His broad range of knowledge and experience has earned him the CISSP, GIAC GCFW, MCITP:Server Administrator, Network+, and A+ certifications. He looks forward to mentoring because he enjoys learning himself and sharing his knowledge and experience with others.
Jason has been practicing in the technology industry for 10 years. Security has always been a major focus, and his sole focus for 4 years.
Jason has an ardent interest in following trends and identifying new technologies and relevant applications. His devotion to continuous learning and research keeps him ahead of the curve. He currently holds GSLC and GSEC certifications.
Currently employed as a Technology Security and Compliance Manager, he has working knowledge of various security-related technologies and vendors. Such technologies include Rapid 7 Nexpose and Metasploit, Logrhythm SIEM, and Palo Alto Networks Next Gen Firewalls. Working specifically in the realms of PCI-DSS compliance and SOX compliance, Jason has experience with leading, deploying, and evaluating compliance programs.
Recently, Jason obtained his first SANS Challenge Coin (RMO) during his SEC504 training by being a member of the SEC504 Capture the Flag winning team at SANS Chicago 2013.
Jason has a great ability to communicate technical concepts in a non-technical manner, and welcomes the opportunity to share his knowledge and experience.
Sandra (Sandy) Dunn has over 20 years in the software and hardware industry. Initially starting out in software and hardware sales, she worked with NASA, JPL, Secret Service, IRS, and other Federal Agencies to determine their Server, PC, and Notebook sales. At HP she has worked as a Digital Sending & Security Analyst for HP MFP printers on the Competitive Intelligence team, an ACT Engineer for the Accreditation team for HP that certifies partner solutions with her focus being on security & regulatory, and a Security Engineer on the Inkjet PSO team, and has just joined the HP Cyber Security team as a Cyber Security Engagement Manager. She has a CISSP, Security+, ISTQB, SANS GSEC, GWAPT, GCPM and is a SANS Mentor. She has two children, a wonderful husband, too many horses and lives outside of Boise, Idaho.
LinkedIn profile: www.linkedin.com/pub/sandra-dunn-cissp/10/974/472/
Jesse Fernandez currently works as a Senior IS Audit Specialist in the insurance industry. In his role, Fernandez conducts complex information security audits. During 2012, Fernandez worked with the PCI Security Standards Council to develop guidance around conducting a PCI DSS risk assessment in the role of Content-Coordinator to ensure document consistency, technical soundness, and assist in the development of the table of contents. Fernandez holds the GSLC, GSEC, GCED, GCIH, CISSP, and CISA certifications, has over ten years of industry experience, and has been a guest speaker for SANS, ISACA, and the ISSA.
Matt Foreman is the Lead Security Consultant and a Managing Partner at Shield 7 Consulting, a Security Consulting Firm based in Maryland with customers ranging from Hospitals to Energy Companies and Fortune 1000 clients. Matt is the lead of the Penetration Testing team and the Security Architecture Team. He is also a co-founder of the Primal Security Podcast and Blog, which focuses on CTFs, Malware Analysis, Penetration Testing, and Security Research. Mr. Foreman has been in the Security Industry for over ten years, and has held positions ranging from Firewall Administrator and Penetration Tester to developing a Managed Security Practice.
Eric Fulton is a specialist in network penetration testing and web application assessments. His clients have included numerous Fortune 100 companies, international financial institutions, global insurance firms, government entities, telecommunications companies, as well as world renowned academic and cultural institutions. Eric has spoken at the global hacker conference Defcon, taught at the prestigious Blackhat Conference, and has spoken at numerous community events. Recently, Eric founded SubSector Solutions, a world-class information security company based in Bozeman, Montana, and he mentors for the SANS Institute. Eric contracts with a diverse range of companies and governments, presents bleeding edge research at national and international conferences, and creates game-changing technologies through advanced research. In his free time Eric enjoys the Montana outdoors and lobbies for increased privacy legislation.
After serving the country in the United States Navy for 8 years, Charles (Chip) Greene began his career in Information Technology. Over the next 18 years, Chip has held positions in Support, Design, Research and Development, Education, Disaster Recovery, and most recently in Information Security. As a Senior Information Security Analyst, Chip leads the Identity and Access Management Team at Virginia Commonwealth University Health Systems. Chip has received a Bachelor's Degree in Information Systems from Virginia Commonwealth University, and a Master's Degree in Disaster Sciences from the University of Richmond. He currently holds a GIAC Security Leadership Certification and previously held the Cisco Certified Security Professional certification. Mr. Greene was also honored with an Outstanding Educational Performance Award from the University of Richmond upon graduation from his Master's program. Education and training are extremely important to one's career and Chip believes that it is important for everyone to take advantage of the opportunities presented to them. The SANS Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from each other's experiences and knowledge.
Matthew J. Harmon brings over two decades of offensive and defensive security industry knowledge, including systems administration, international standards development, penetration testing, incident response and digital forensics, methodological risk assessments, GRC and a deep understanding of underlying technologies, to his sessions.
Mr. Harmon leads and manages the risk assessment and tactical control testing consulting firm IT Risk Limited (https://itriskltd.com) based in Minneapolis, Minnesota. In addition, he leads the (ISC)2 Twin Cities MN Chapter (http://isc2tc.org), presents frequently, participates on several advisory boards, is organizing Security B-Sides MSP (http://bit.ly/BSidesMSP2014) and maintains an online knowledge base of security and gardening tips at matthewjharmon.com (http://matthewjharmon.com).
Dave Harris is a Senior Principal Systems Engineer at General Dynamics-Advanced Information Systems. He has spent 25+ years in Information Technology including software and database design and development (Oracle, Java, C/C++, etc.), systems and system security engineering, enterprise data modeling and architecture (DoDAF). He currently works on an internal research and development program investigating the use of Big Data technologies and analytics in network defense operations. He is also currently the ISSE Lead on a program for a DoD customer which inserts automated malware detection technology into the customer's network infrastructure and is transitioning from DIACAP to NIST 800-53-based C&A in the life cycle for this program.
Dave was previously the Scrum Master for two projects involved in the development of cyber event indicator databases and automated malware analysis systems at the Dept. of Homeland Security. In addition to the PMI-ACP (PMI Agile Certified Practitioner) and CompTIA Network+ certifications, Dave holds the (ISC)2 CISSP, (ISC)2 CSSLP (Certified Software Security Lifecycle Professional) and GIAC Reverse Engineering Malware (GREM) certifications.
Dave is committed to making sure the broad exposure to actual tools and techniques of malware analysis provided in this course can be applied the next day at the student's work location. Far from a death-by-powerpoint experience, we will discuss real-world situations, applications and case studies. Software developers and system administrators, especially, will appreciate the discussion of coding issues and OS data structures behind the analysis of malware.
Dave enjoys going on malware analysis and pen-testing adventures with the malware analysis lab in his man cave and networking with like-minded folks. His desire is to provide hands-on, example-oriented experiences with students and looks forward to what he will learn from students in the process of mentoring and teaching.
James Harris got his first job in information security at the age of 15, as the administrator of a BTI-4000 mainframe for his high school in Durham, NC, and at age 16 added a second part-time job assembling and testing computers at a small PC integrator called Dramen Computers.
After earning his degree in Physics from North Carolina State University in 1994, Jim went to work at IBM as a hardware engineer for the PC Company, specializing in the design of computer graphics and video systems. Jim was one of the founders of the Digital Display Working Group, and helped author the DVI specification. In 2000, Jim's work on DVI led to a job as a Senior Field Applications Engineer with Silicon Image, a semiconductor company specializing in high speed serial digital interface chips, where he worked helping to design Silicon Image parts into digital video and high-speed storage systems.
After the tragic events of 9/11, Jim decided to go to work as an FBI Special Agent. His first field office assignment was in the Sacramento, CA field office, where he worked mostly cybercrime matters, specializing in Internet Crimes Against Children. Jim worked heavily in Computer Forensics as a member of the FBI CART team, earning his EnCase Certified Examiner status in 2007. In 2009, Jim became the supervisor of the Cyber Squad in Sacramento, as well as the Commander of the Federal Cyber Crime Task Force there. Jim earned his ISC^2 CISSP certification that same year. In 2010, Jim was selected to a supervisory position at FBI Headquarters Cyber Division, and served in a number of positions, including as the Senior Liaison Officer to the United States Computer Emergency Readiness Team (US-CERT). In 2012, Jim earned his GSEC certification, and later that same year became the Assistant Section Chief of the FBI's Counterterrorism Internet Operations Section.
Jim left the FBI in 2013 to go to work for Obsidian Analysis, a Washington, DC-based professional services firm providing analytical and policy consulting for homeland security, national security, and intelligence decision makers. As the Senior Specialist for Cybersecurity, Jim advises clients on policy and preparedness in Cybersecurity. Jim enjoys hearing himself speak, and can't wait to teach others!
Arlie Hartman is an information security veteran with over 10 years' experience in IT. He has worked in healthcare, manufacturing, and security consulting. Arlie has conducted compliance assessments, managed incident response, and led enterprise infrastructure projects. Arlie holds the ISC2 CISSP and GIAC GSEC certifications. You can connect with him on Twitter @arliehartman or on LinkedIn http://www.linkedin.com/in/arliehartman/. Arlie is very passionate about developing people's interest in information security.
David Hazar is a seasoned IT security professional with a broad technical background that includes experience in both network and application penetration testing, software analysis, design, and development, database development and administration, network/server analysis, design, and administration, data center design and implementation, technical support, and telecommunications. He holds both a Bachelor of Science, Information Systems and a Master of Information Systems Management from Brigham Young University. He is currently employed by Aetna as an Information Security Architect. He holds the CISSP, GCIA, GCIH, Certified FAIR Risk Analyst, MCDBA, and ITIL v3 Foundation certifications and has previously held both the CCNA and CCNP certifications from Cisco.
Justin Henderson is a passionate and dedicated Information Technology professional. He has been in the Information Technology field since 2005. Justin has a proven desire and ability to achieve comprehensive industry training and uses his knowledge and experience to mentor others. Justin has a high proficiency in technical platforms including operating systems, networking, security, storage, and virtualization but has also applied himself in governance, project management, as well as service management. Currently, Justin holds a Bachelor of Science in Network Design and Administration from Western Governors University and has over 40 certifications, some of which are below:
Networking - Cisco Certified Network Associate
Virtualization - VMware Certified Professional 5 and VMware Certified Professional 5: Desktop
Database - MySQL 5 Database Administrator
Governance/Service/Project Management - Project Management Professional, ITIL Continual Service Improvement, Certified in Risk and Information Systems Control, Certified Information Security Manager
Microsoft - Microsoft Certified Information Technology Professional: Enterprise Administrator and Microsoft Certified Security Engineer 2003: Security
Security - GIAC Penetration Tester, GIAC Windows Security Administrator Certification, Licensed Penetration Tester, Certified Ethical Hacker v5, Computer Hacking Forensics Investigator, EC-Council Certified Security Analyst, Tenable Certified Nessus Auditor, Certified Sonicwall Security Administrator, Certified Information Systems Security Professional, Security+
Justin has also taught Network Security at Lake Land College. Some of his other achievements include mentoring individuals in the Information Technology field as well as developing the virtual dojo, a fully automated Cloud Computing solution showcase environment.
Cliff's professional career started 18+ years ago as a help desk analyst supporting mainframes and dial-up internet. He progressed through desktop support, desktop management and server administration and joined the security team in late 2008. The wide diversity of topics in security has Cliff thirsting for knowledge like he was a teenager again.
Cliff currently holds CISSP, GPEN, GWAPT, OSCP, MCSA 2000/2003 and Security+ certifications.
Occasionally (read rarely), Cliff will add something mildly informative to infosecandotherstuff.blogspot.com.
Nathanael Kenyon started his computer career as a Network Administrator for the United States Marine Corps, where he designed, built and ran Local Area Networks in the U.S. and overseas. Upon leaving the military Nathanael joined the Navy Marine Corps Intranet project as a Lead Network Engineer. He is currently working for SAIC as a Network Engineer and Intrusion Detection Analyst. Nathanael holds a B.S. in Management Information Systems and holds Cisco's CCNP, CCNA, CCDA certifications. He is a Snort Certified Professional and is a GIAC Certified Incident Handler.
Dennis King is the Chief Security Officer and President of Working Security Inc., a Saint Louis provider of information security risk management, compliance, and governance services. Dennis brings over 20 years' experience working with more than one hundred large and small companies across the globe including Finance, Energy, and Healthcare clients. He has led development and management of compliance and secure infrastructure solutions at IBM and other IT outsourcing, cloud, and internet service providers, brought IaaS security services to market, led HIPAA, SSAE-16/SAS70, ISO/IEC 27000, PCI-DSS assessments, and managed a variety of forensic investigations. Dennis holds CISSP, GCFA, C|CISO, PMP and CSM certifications. He earned an MBA from Washington University in St. Louis and a BS in Engineering from Purdue University.
Ben S. Knowles, BBST, CISSP, GSEC, GCIH, GCIA, LPIC-1 (adric) is a technologist and researcher in the Atlanta, Georgia, USA area. In high school, he competed at the national level in Constitutional Law. He has been a professional computer security consultant, technical trainer, and system integrator and is currently certified as a black box software tester, internet security professional, incident handler and analyst, and Linux system administrator.
Ben has lectured lower division Mass Communications, Political Science, and Computer Technology classes on Digital Media and Intellectual Property Law and has taught basic computer repair, networking, and information security classes. Currently he is a security system administrator on the incident response team at the Atlanta office of a global IT services firm.
Sundar is SANS-GISF and GSEC certified and a senior software development leader with IMS Appature in Seattle. He earned the title of "Professor Sundar" from his previous team at Microsoft for teaching skills and has trained multiple teams on different aspects of software development. To make you think about information security the same way you think about physical security for yourself and your family is the holy grail. He is @sundarnut on Twitter for the latest #infosec topics, trends and incidents. Sundar aims to be a mentor so he can inculcate security as a fundamental technical trait and make it the best lecture you've ever taken!
Anthony should be the first Hong Konger to publish a GREM gold paper and to speak at Blackhat USA 2010, DEFCON 18 and DEFCON 19 as well as Hack-In-Taiwan. He has set up a security research group called VXRL (www.vxrl.org) in HK, which connects various hackers and security researchers around the planet, and co-founded Xecure Lab (www.xecure-lab.com) for APT research and detection service. Frankie and Anthony, as well as another VX fellow, DDL, have published a paper of APT case studies that was accepted by the IEEE Malware 2011 conference.
He is the chairman of OWASP (HK Chapter), program committee of PISA, extended committee member in HTCIA (Asia Pacific Chapter) and actively provided various technical seminar sessions to the practitioners in Hong Kong.
Besides being certified as GREM (Gold), he is also a GCFA and GWAPT holder.
David Mashburn is currently the IT Security Manager for a global non-profit organization in the Washington, D.C. area. He also has experience working as an IT security professional for several civilian Federal agencies, and over 15 years of experience in IT. He holds a Master's Degree in Computer Science from Johns Hopkins University, and earned a B.S. from the University of Maryland at College Park. David holds multiple security-related certifications, including CISSP, GPEN, GCIH, GCIA, and CEH. He is also a member of the SANS / GIAC advisory board, and teaches courses in the Cybersecurity curriculum at the University of Maryland - University College.
Currently, he is part of a team that architects, implements, supports and manages a wide variety of network security solutions while also working with other groups on a range of other activities such as incident response and electronic investigation.
Stephen says, "I have had the good fortune to see the IT and security worlds from a variety of perspectives. I have experienced the challenges of security practice on both a very small and very large scale. I very much enjoy technology and love getting my fingers into everything. Mentoring the material will help to keep it fresh in my mind and I expect that I will be able to learn some things from students as well." He looks forward to the personal networking that will also occur within this class.
He currently holds several GIAC certifications
William's career in information technology started early when he earned his Cisco Certified Network Associate (CCNA) certification just out of high school. In pursuit of a career where he could put this knowledge to good use, he shortly thereafter began work for Symantec, supporting a majority of their enterprise-class security software. While working at Symantec, William had an opportunity to support a plethora of different security technologies, including endpoint protection, perimeter protection and content filtering. He even spent time on the virus removal team where he expunged countless Nimda, Blaster, and Klez infections.
The majority of William's time at Symantec was spent on the intrusion detection, compliance and event management team, where he supported Symantec Network Security, Symantec Security Information Manager, Symantec Enterprise Security Manager, and others. For seven years, William worked for SELCO Community Credit Union as their Information Security Administrator, seeing numerous security-related projects through to completion. William now leads a team as their Information Technology Manager.
William is a holder of the CISSP certification and numerous GIAC certifications, including the little-known but prestigious GIAC Security Expert certification. Moving forward, William is focusing his energy on networking, collaborating and sharing knowledge with others. He is excited to share passion for the field with his peers in the classroom.
Timothy McKenzie has more than 15 years of IT and Information Security experience working in financial, government, defense contractor, and service related markets. Timothy has been trained in malware research and exploit development, expert penetration, and forensics work. He uses these skills professionally throughout his daily work, as well as placing within the top 5 in many CTF events. Timothy loves sharing the vast knowledge he has acquired to give back to the Information Security community.
Philip McNamara is an Information Technology veteran with 20 years' experience. He started back when PC networks were new, Token Ring was something special, and PIX Firewalls booted from a floppy disk. Over the years Mr. McNamara has transitioned from Network Engineering, through Enterprise Operations to his current role in Enterprise Network Security. Though his efforts have primarily been in the Health Care market, security and incident response have always been a responsibility. As a SANS mentor, Philip would like to build on that experience and be able to share it with others.
Andrew is a security geek who enjoys learning about all things security. By day Andrew works as a DoD contractor for Secure Mission Solutions providing an array of security consulting services. By night he is researching, coding, or "geeking out" with the members of Primal Security Podcast.
Andrew holds numerous qualifications in the security industry, including, but not limited to GIAC (GPEN, GCFA, GCIA, GCIH, GREM, GSEC), OSWP, and CISSP. He plans to continue his quest for knowledge by pursuing the GIAC Security Expert (GSE) certification. Andrew looks forward to helping as many as he can on his way to GSE.
Paul has a passion for teaching and training new cyberwarriors in the never ending arms race against malicious network intrusions.
Paul currently holds the following industry certifications:
On learning hacking techniques to better know how to defend against them:
"Know thy self, know thy enemy. A thousand battles, a thousand victories." - Sun Tzu
Jose Manuel Mendez is at present a security consultant for Unisys Corporation. He has worked for more than 11 years on the definition of security policies and architectures and on their implementation and deployment at big local and top worldwide companies as well as local government. He also has deep knowledge and experience in the SIEM field, where he has been involved for the last 4 years in SIEM projects for big telecom companies and banks. He currently holds the CISSP, GCIH, GPEN, and GSEC certifications as well as several product certifications like Cisco CCNP Security, CCSP, ArcSight ACIA, ArcSight ACSA, CheckPoint CCSE NG.
Thomas (CISSP, GCIH) has been working in the information technology field since 1996 where he has worked in field IT service positions. Thomas worked as a Field Support technician for the faculty and staff at Santa Clara University in Northern California with a focus on malware remediation and leveraging Linux solutions to complex security and networking issues. As of May 2008, Thomas has worked as a computer forensics and incident response analyst in the Western United States. He also spent 12 months on a combat-tour deployment in Southwest Asia in a Computer Network Defense (CND) role and served as a vulnerability assessment analyst for the US Army. Thomas attended Forensics Response training at Carnegie Mellon University (CMU) and was asked to deliver and teach this course to military audiences. Thomas is currently serving as a US Army Warrant Officer for the Army Reserve Information Operations Command (ARIOC) delivering support to the National Security Agency (NSA) in their yearly service academy exercises; performs training with and supports the US Army Regional Computer Emergency Response Team-Continental United States (RCERT-CONUS); when he was deployed to the Middle East, Thomas served with the US Army Regional Computer Emergency Response Team-Southwest Asia (RCERT-SWA) and was posted all over Afghanistan and Iraq. Thomas currently holds the EC-Council's Certified Ethical Hacker (CEH), Guidance Software's EnCase Certified Examiner (EnCE), CompTIA Security+, SANS GIAC Reverse Engineering Malware (GREM) and Certified Incident Handler (GCIH), and (ISC)^2 Certified Information Systems Security Professional (CISSP) certifications. In addition, Thomas is currently qualified for the US Department of Defense as a Digital Media Collector as a result of training at the Defense Cyber Investigations Training Academy (DCITA).
Aaron Moss has over 10 years in Information Technology, working in positions ranging from Helpdesk to IT Manager. He is very passionate about IT, especially InfoSec. He currently holds the GIAC GSEC certification, a Bachelor's in Information Systems Security from ITT Technical Institute, and is working towards completing other non-GIAC certs, such as Cisco's CCNA and VMware's VCP. Aaron is very excited to be helping people achieve their goals, and learn something new every day. He loved taking the GSEC course and exam and wants to help someone else accomplish their dreams too.
Over 25 years of international experience spanning all continents in the areas of IT Application Delivery, IT Infrastructure, IT Security Management, Project Management and Operations Management. A proficient trainer in the areas of Project Management, Risk Management, ITIL, Cisco Technologies and IT Security.
- Certified Project Management Professional since 2006
- Excellent track record in leading numerous project teams for deployment of business solutions
- Excellent track record as a trainer teaching PMP, RMP, ITIL, Project +, Security +
- Strong ability in integrating disparate technologies, processes and people to achieve strategic alignment of IT solutions with business goals and objectives.
- A wide range of experience and knowledge cross cutting several infrastructure technologies and Application Delivery solutions.
- Extensive global experience spanning over 30 countries.
- Worked as Pre-Sales/Post-Sales Consultant in Australia
- Held several leading positions in the 12 years of service with World Bank
- Holds several certifications such as:
  - PMP - Project Management Professional, PMI's certification for Project Management
  - CSM - Certified SCRUM Master
  - CEI - Certified EC-Council Instructor
  - CTT+ - Certified Technical Trainer
  - ITIL - IT Infrastructure Library, Foundations
  - Managing IT Projects through George Washington University based on PMI's methodology
  - ECM Master - AIIM's methodology for Enterprise Content Management
  - CEH7 - Certified Ethical Hacker
Joel Offenberg works for Vantage Systems, Inc. as a Senior Security Engineer for the Joint Polar Satellite System at NASA's Goddard Space Flight Center. He is also Vantage Systems' Chief Information Security Officer and is a member of the business development team. His current job focus is IT security planning, continuous monitoring and security critical operational systems. Joel has worked as a contractor at NASA's Goddard Space Flight Center since 1991.
Joel holds a B.A. in Physics, an M.S. in Computer Science and CISSP, PMP, GSNA and GSEC certifications. He is a founding member of Information Assurance @ Goddard seminar series, where he is also an occasional speaker.
Joel always enjoys participating in SANS as a learner and is excited to have the opportunity to share his experience.
John is passionate about software security. He holds the CISSP, GWAPT, GSLC and GCIH certifications, and is a master's candidate in the SANS Technology Institute's Information Security Management program. Prior to joining Caliber Security Partners, he was Director of Security and Compliance for Healthagen, Aetna's emerging businesses division. John has 19 years of experience in information technology and software, and 15 years of experience in IT security. His security and compliance background is in healthcare and secure development. He is a graduate of Brigham Young University. John is a "life hacker" and enjoys programming Arduino and Raspberry Pi devices. When he's not playing geek, John is a triathlete, avid outdoorsman, photographer, and licensed amateur radio operator (K7JTO). John resides in Salt Lake City with his wife and their six children.
Miguel Pabon is a recognized Information Assurance (IA) subject matter expert with over twenty years of experience. He is currently a Manager within the Corporate IT Security Organization, where he is responsible for the security integration of all company acquisitions. Prior to his current position, Mr. Pabon was Manager of IT Security Special Technologies & Analysis Team (forensics, eDiscovery, malware analysis, reverse engineering, cyber security R&D). His over 20 years of combined defense and commercial experience in the fields of cyber security, information assurance, embedded systems, kernel mode and driver development, software engineering, Service Oriented Architecture (SOA), vulnerability assessments / penetration testing provide him with a unique perspective of both the defensive and offensive sides of cyber security. In 2010, Mr. Pabon was the recipient of the Raytheon IT Front Line Leadership Award, which recognizes an individual's contributions to the development of an organization and its advanced capabilities. Mr. Pabon has earned the following industry certifications: Certified Information Systems Security Professional (CISSP), GIAC Reverse Engineering Malware (GREM), Certified Forensic Analyst (GCFA), Certified Intrusion Analyst (GCIA), Security+, LAW PreDiscovery Electronic Data Discovery (EDD), ITIL V3, Six Sigma Specialist. As part of his continued educational endeavors, Mr. Pabon has earned a Bachelor's Degree in Computer Engineering from the University of Puerto Rico at Mayagüez, as well as being a graduate of the MIT Sloan School of Management, Management & Leadership Program.
Mike is the Comptroller for Black Hills Information Security as well as former Executive Producer of the PaulDotCom Security Weekly podcast. Trained as a Civil Engineer, he found that he was more interested in the underlying operating system of the Engineering tools than the tools themselves. He has worked in QA for Dassault Systemes, Technical Support for RSA Security, as a firewall analyst for Verisign & Dell SecureWorks as well as a Network Security Analyst in the financial services realm. He holds the GSEC, GCIA, GCIH, GCFE, GCFW, and GPEN certifications from SANS and a BSCE from Northeastern University.
Kevin Perryman started working with computers when he was 11 years old. Over the years Kevin has developed programs in 30+ computer languages, built personal computers from scratch and repaired computer hardware. Kevin has spent time reverse engineering software and data structures when the developing companies no longer supported their products. Long before it was called Forensic Data Recovery, Kevin developed his data recovery skills working for previous employers when hardware would fail, using commercial applications, and when needed writing his own programs, to extract critical data elements from failed hard drives, floppy disks, zip drives and CD media. Kevin has developed skills in remote technical computing, data recovery, data analysis and email tracing. Kevin currently is self-employed providing IT Support to small business while also working as a Private Investigator.
Jeremy has worked in networking for the past 20 years, with an emphasis on security over the last 5. Jeremy earned a Master's Degree from the Minnesota School of Business in Information Technology. He is a founding member of Salt Lake City's hacker community, DC801. When he's not playing with packet captures or staring at source code, Jeremy can usually be found snowboarding or mountain biking throughout the Rockies.
Experience:
- Vice president of Infosec and forensics at AVM Technology, LLC
- Cyber Operations with U.S. Marine Corps
- Attorney specialized in Internet Law and president of the Rivera Law Group
Accomplishments and Certs:
- GPEN, GCIH, GSLC
- CCE
- Admitted to the Virginia State Bar
Websites:
- www.infosecusa.com
- www.forensicsvirginia.com
- www.cyberinternetlawyer.com
I would be excited to mentor the course as it would be a great opportunity to apply my knowledge and skills in order to assist others and improve the profession while improving myself.
Valter Santos is a security analyst at Portugal Telecom. He has 13 years of experience in forensic analysis, incident response, intrusion analysis and penetration testing. Valter likes to attack live malware in the morning, kill it and autopsy it by noon. He holds the GCFA, GCIA, GCIH and GSEC certifications.
Felix has more than 20 years of experience in IT and IT security. He held positions as IT systems engineer and IT advisory manager at a big four company. He has experience in IS management, IS auditing, IS consulting, attack & penetration testing, and IT forensics. He holds a BSc (hons) in science of computing (University of Derby) and a postgraduate certificate in business administration (Open University). His certifications include among others CISA, CISM, CISSP, GCUX, and EnCE. He was a key contributor to the OSSTMM.
He enjoys sharing his knowledge and learning from peers. He is looking forward to active discussions in class.
Selvan has been in IT for over 23 years, specializing in Unix/Linux Systems Administration. He has previously worked at IBM and the US Air Force (focusing on parallel processing and Distributed Security and File Systems). As an IT Manager at Progressive Insurance, he has led teams from IT Operations to Enterprise Architecture. His current focus is IT Security Engineering and Architecture. He is also an Adjunct Professor at Cleveland State University teaching Java and Unix/Linux Systems Programming. His current efforts include an active proposal with the CIS Department to establish a DOH (Department of Homeland Security) accredited Information Security track at CSU.
Jonathan Squire is a founding member of the Information Security Group of a well known publishing and media company. Jonathan's expertise covers a wide range of skills including security architecture, incident response, hacker attack and defense techniques, reverse engineering, and extreme curiosity in how everything works. While working at his day job, Jonathan is credited with accomplishments that include developing an Information Security model for the enterprise, architecting a secure, centralized credit card processing solution, and guiding the design of the security infrastructure deployed throughout many customer facing properties. Mr. Squire is also responsible for providing direction in governance and industry best practices. Jonathan regularly scopes and leads penetration testing and security assessment initiatives, as well as providing guidance for corrective actions and performing debriefings across all levels of the organization. In his spare time, Jonathan is known to enjoy disassembling any piece of technology that cost more than $20 just to find out what else it can do. This propensity for abusing technology is easily witnessed by viewing the buckets of broken parts strewn throughout his basement as well as the creations that rise from the rubble. Jonathan has presented on many of these creations and the flaws that allowed the security to be bypassed on these systems at conferences including BlackHat and Hack in the Box. Jonathan is very passionate about information security and always strives to challenge the status quo and to improve everything he can. Jonathan shares that passion with his students in his teaching style and his genuine willingness to share and engage students in all topics related to information security.
Ron has been working in the information security field for the past 15 years. He worked as a consultant for ten years, gaining experience in many areas. For the past five years he has been working as an engineer for Cisco Systems in RTP. His focus is on evaluating the security of Cisco products and working with the development teams to implement high security standards. Ron is a subject matter expert in DISA STIGs and web application penetration testing. He also holds many industry certifications including GPEN, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP and MCSE.
Nick Thomas has 27 years of experience in the IT field. He has a Master's degree in Public Management, and multiple certifications including the Certified Information Systems Security Professional (CISSP), Security+, Network+, GIAC Certified Incident Handler (GCIH) and GIAC Security Leadership (GSLC). Three dissolved startups covered his first 16 years of employment. The LISP (for "List Processing Language") programming language, the term "artificial intelligence", 300 baud modems, dumb terminals and thin-net were the training ground. After three layoffs, Mr. Thomas obtained a master's degree mixing business and computer courses. In the process, he volunteered for the CMU Robotics Institute Red Racing Team and Tartan Racing team. They entered computer controlled vehicles in the DARPA Grand Challenge races in 2005 and 2006. Mr. Thomas finds cutting edge technology quite exciting. If you have read this far, he would like to suggest that you, your associates and high school children (yours, your neighbors and church youth group) should view "The Last Lecture", "Really Achieving Your Childhood Dreams" by Randy Pausch. It was presented to the CMU student body September 18, 2007 at Carnegie Mellon University. The lecture can be viewed online or you can purchase a DVD. Randy Pausch's "Really Achieving Your Childhood Dreams" wasn't about dying. It was about the importance of overcoming obstacles, of enabling the dreams of others, of seizing every moment (because time is all you have...and you may find one day that you have less than you think). http://www.cmu.edu/randyslecture/ http://www.thelastlecture.com/ http://bookstore.web.cmu.edu/GeneralBookDetails.aspx?type=6&BookID=822942 Also: Save the earth. It's the only planet with chocolate. Currently Mr. Thomas works for the federal government in Baltimore. Hobbies include sailing, hiking, gardening, antique cars, photography and exercise.
Sterling has worked in the IT Security field since 2006. Working on the Security Operations desk for a nationwide telecommunications project with the FAA, he quickly gained experience in a multitude of technologies which provided him with the foundational knowledge that has served him well in his career since. As a Unix/Linux Systems Administrator for the largest, privately owned wireless telecommunications provider in the U.S., Sterling was involved in a number of PCI compliance driven projects and served on the PCI Compliance team. Currently, Sterling serves as a Security Consultant performing general security audits, penetration testing (network, web application, wireless, and social engineering), specialized training, intrusion investigation, etc. Sterling holds an M.Sc. from Mississippi State University in Information Systems and a Bachelor's degree from Millsaps College in Anthropology/Sociology. He holds a number of industry certifications including GSEC, GCIH, GWAPT, GCUX, RHCE, eCPPT, SCSecA, Security+, and Network+. http://lnkd.in/yhkyEx
Larry Thompson is a seasoned IT professional with over 15 years' experience and a strong background in Information Security and Systems Management. He has been an Information Systems Security Engineer as a contractor to the Federal Government for the past 6 years focusing on Risk Assessments and Certification and Accreditation. Prior to that, he was part of the security team responsible for the protection of healthcare systems and patient information under HIPAA regulations. He has also worked as a security and system engineer for a major Virtual Private Networking (VPN) manufacturer developing both commercial and federal government grade encryption products. Larry currently holds a Bachelor of Science in Computer Networking as well as CISSP-ISSEP, GSEC, CRISC, and CEH certifications.
Andres Velazquez is President and Digital Investigations Director of MaTTica, the first private computer forensics lab dedicated to the investigation of cybercrime in Latin America.
He has more than 30 international certifications in the area including: Certified Information Systems Security Professional (CISSP), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensics Examiner (GCFE), AccessData Certified Examiner (ACE) and NSA INFOSEC Evaluation Methodology (IEM) by the NSA in the US.
He trains and gives advice to different law enforcement agencies in Latin America including INTERPOL and UN.
He is a member of the High Technology International Association (HTCIA), Latin American Fraud and Financial Crimes Investigation Association (ALIFC), Internet Society (Mexico Chapter) and the Latin American Information Security Professionals Association (ALAPSI), where he was part of the board from 2005 to 2007. He was also a member of the Cybercrime Combat Group, part of the Federal Police in Mexico, and a member of the Network Information Center (NIC) Mexico Consulting Committee.
He has done all kinds of training in Universities, Law Enforcement Units and Organizations.
Jon Villanti is an IT Security Manager with a Fortune 50 financial services company in Houston, TX. He has 22 years of IT experience; 12 years focused in IT security.
Prior to his current role, Jon has worked as an IT Security consultant, VP of Operations, CIO / VP and CEO. Jon's private sector experience is augmented by over 20 years of Air Force experience, ranging from Intelligence Operations, Fighter Pilot, and Cyberspace Operations.
As a SANS mentor Jon enjoys working with students to realize their own Eureka moments, mastering relevant curriculum in support of personal and professional goals.
Jon holds several IT Security certifications including CISSP, GPEN, GCIH and GSEC. His LinkedIn profile is http://www.linkedin.com/pub/jon-villanti/20/a51/282. You can follow @houston_jon on Twitter.
Jarred White has more than a decade of security consulting and engineering experience, and has occupied senior consultant and lead engineer roles at recognizable companies such as Dell SecureWorks and The Home Depot Corporation. In his current role with payment security and compliance solution provider ControlScan, White leads the Security Engineering Services team and he also serves as the company's subject matter expert for security engineering and risk-based consulting engagements. He brings considerable experience to ControlScan in the areas of penetration testing, risk analysis, social engineering and security engineering. He has consulted with companies ranked in Fortune's top 50 and top 100 companies, including financial institutions, public entities and not-for-profits. White is also an accomplished public speaker, having created and delivered presentations and engaging discussions on subjects ranging from emerging trends and best practices in information security to social networking and IT risk management. He has delivered global Web presentations on risk analysis and mitigation, and his commentary has been published in a variety of online forums. White is currently a Certified Information Systems Security Professional (CISSP) and a GIAC Web Application Penetration Tester (GWAPT).
Rodger has over 14 years of experience in the computer security arena as an Incident Handler and Forensic Analyst. Rodger began his career as a Signals Intelligence Analyst in the US Army conducting Cyber Threat Intelligence. After serving in the Army, Rodger continued support to the Army as a Defense Contractor with the Army Computer Emergency Response Team (ACERT) working as an Incident Handler. Rodger then moved on to a Senior Incident Handler role leading a team of incident handlers for the Regional Computer Emergency Response Team CONUS (RCERT-CONUS) where he responded to security incidents involving computer infections and intrusions. Rodger is currently the Federal lead for the Research and Forensics team within the US Department of Health and Human Services Computer Security Incident Response Center (CSIRC) where he is responsible for leading network, memory and disk based forensics, malware analysis and incident response activities. Rodger holds CISSP, DoD CDFE, GCIH and GCFE certifications with goals of completing the EnCE, GCFA and GREM certifications in the near future. He is also pursuing a Masters of Science in Digital Forensics at the University of Central Florida. Rodger is excited to mentor his peers in DFIR and Incident Response while learning from their experiences.
Ed started off from humble beginnings as a tinkerer fighting boot sector viruses, then fell in love with Security.
He has worked on projects both from a technical and a managerial perspective spanning several industries and countries. Currently holding a CISSP, GPEN, GCIH, GCWN amongst others, he is working towards obtaining his GSE.
Ed enjoys socialising with like-minded people, thrives on technical, social and managerial challenges, and is always ready to assist with worthy challenges.