Register for Network Security-Vegas by Sept. 3 for $250 discount. >> More Info
the most trusted source for computer security training, certification and research
select a course
Washington, DC - July 22 - 31, 2008
Global Information Assurance Certification

SANS delivers the best training I have seen in the industry.
-Brian Hughes, Idaho State University

Faculty for SANSFIRE 2008

Paul Asadoorian
Paul has over 5 years experience working in the information security field. His work experience covers both major corporations and academic institutions. He currently holds two SANS GIAC certifications in intrusion detection (GCIA, GIAC Certified Intrusion Analyst) and incident response (GCIH, GIAC Certified Incident Handler). Paul also sits on the GIAC advisory board, has spent one year as a GCIA authorized grader, and continues to stay involved in the SANS Institute, contributing monthly to the SANS Advisor Newsletter. His research can be found in the book Network Intrusion Detection, 3rd edition, the SANS Reading Room web site, and SecurityFocus. Paul has presented for numerous organizations and conferences, including MIT Security Camp, and ISACA (Information Systems Audit and Control Association). Paul graduated from Bryant College with a bachelor of science in Computer Information Systems and currently works full-time for a large University, owns and operates his own security consulting business and maintains a security blog/podcast (http://pauldotcom.com). Paul's goal in obtaining certification is to increase his own knowledge of computer and network security. He has become a Stay Sharp instructor to share his resaearch and teach others to raise their level of security awareness.
top^
Tanya Baccam
Tanya is a SANS senior instructor, as well as a SANS courseware author. She provides many security consulting services for clients such as system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the Director of Assurance Services for a security services consulting firm, as well as being the Manager of Infrastructure Security for a healthcare organization. She also served as a Manager at Deloitte & Touche in the Security Services practice. Throughout her career, she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.
top^
Chris Brenton
Chris Brenton is a private consultant with over ten years experience in the field. He is one of the founding members of the initial Honeynet Project, one of the original Internet Storm Center handlers, and started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Security track. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.
top^
Dr. Eric Cole, Ph.D.
Dr. Eric Cole is an industry recognized security expert, with over 15 year's hands-on experience. Dr. Cole currently performs leading edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Masters in Computer Science from NYIT, and a Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books including Hackers Beware, Hiding in Plain Site, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker. Eric is also a senior scientist with Lockheed Martin Information Technology (LMIT) and Lockheed Martin (LM) fellow. Dr. Cole is actively involved with The SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware.
top^
Jason Fossen
Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the "Windows day" of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He was graduated from the University of Virginia, received his Master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.
top^
Jeff Frisk
Jeff currently serves as the Director of GIAC. He has worked on many projects for SANS including the On Demand product, courseware updates and GIAC exam development. Jeff has an engineering degree from RIT, The Rochester Institute of Technology. Jeff has held various positions including electronic systems and computer engineering, product development and operations management. He has many years of experience working with high-tech companies developing computer hardware and software products. Jeff has been involved with computer systems support and security for over 10 years.
top^
Bryce Galbraith
Bryce began his IT journey at 10 years of age with a Commodore 64 and a 300 baud modem – he never looked back. As a contributing author of the internationally bestselling book, Hacking Exposed: Network Security Secrets & Solutions, Bryce helped bring the secret world of hacking out of the darkness and into the public eye. Bryce has held security positions at global ISPs and Fortune 500 companies as well as being a Senior Consultant on Foundstone’s world renowned attack and penetration team. Bryce also served as Senior Instructor and co-author of Foundstone’s, “Ultimate Hacking: Hands-On” series. He has taught the art of ethical hacking and countermeasures to thousands of IT professionals from a "who's who" of top companies, financial institutions, and government agencies around the globe. Bryce teaches SANS Security 504, "Hacker Techniques, Exploits and Incident Handling” and SANS Security 401, “Security Essentials Boot Camp” for SANS Institute. Bryce is an active member of several security-related professional organizations, he speaks at a variety of conferences and holds a number of certifications: CISSP, GCIH, GSEC, CEH, CHFI, Security+, CCNA. Bryce is currently Lead Consultant and co-founder of Layered Security, Inc.
top^
Bob Hillery
<p>Bob Hillery is a co-founder and Senior Security Analyst with Intelguardians, LLC, of Washington, DC. He brings a global perspective to consultancy through Information Systems Security Management and computer network security incident handling experience in the U.S. Navy, private sector, and R&D. Bob has published a number of papers regarding threat assessment, business systems security management, including a National Institute of Justice project evaluating cyber attack and forensics tools requirements while a Senior Researcher for the Institute for Security Technology Studies at Dartmouth College.</p> <p>He is on the Advisory Boards of the SANS Institute, a variety of academic groups, and small businesses providing technical insights for Information Security degree programs and for corporate and legal digital forensics requirements. He also served as the Vice President of Academic Affairs & Chair of Information Systems Department for NH Community Technical College. He is a certified instructor for the SANS Institute and guest lecturer at such places as the University of New Haven.s National Security Master.s Program and Franklin Pierce Law Center.</p> <p>Bob has Masters degrees in both Strategic Studies and International Relations. His professional certifications include CISSP, SANS GIAC certifications, MCSE and the NSA IAM & IEM.</p>
top^
David Hoelzer
Since 1985, David has had almost any position that you can imagine in the information technology field, ranging from programmer analyst up to chief information security officer. He has been teaching for SANS since 1999, managing and authoring the majority of the audit related materials for SANS in addition to some of the secure coding courses from SANS-SSI. David currently serves as the Chief Information Officer for Enclave Forensics and the Director of Consulting for Cyber-Defense, a subsidiary of Enclave Forensics. He is a research fellow with the Internet Forensics Lab and an adjunct research associate with the UNLV Center for Cybersecurity Research.
top^
Kevin Johnson
Kevin Johnson is a Senior Security Analyst with Intelguardians. Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time contributes to a large number of open source security projects. Kevin founded and leads the development on B.A.S.E. (the Basic Analysis and Security Engine) project. The BASE project is the most popular web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both the Incident Handling and Hacker Techniques class and the Web Application Security class. He has presented to many organizations, including Infragard, ISACA, ISSA and the University of Florida.
top^
Fred Kerby
Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred’s presentations reflect his opinions and are not the opinions of the Department of the Navy.
top^
Frank Kim
Frank Kim is a co-founder and Principal Consultant with http://www.thinksec.com, Think Security Consulting, a San Francisco Bay Area based application security consulting firm. Frank is an author and instructor for SANS Security 541: Secure Coding in Java/JEE. He has over ten years experience developing applications using Java/Java EE and has designed and developed web applications for large health care, technology, insurance, and consulting companies. Frank currently focuses on integrating security into the software development life cycle by doing penetration testing, security assessments, architecture reviews, code reviews, and training. Frank holds the CISSP, GPEN, GCIH, GCFA, GCIA, GSSP-Java, and is a Sun Certified Java Developer and Programmer.
top^
Jason Lam
Jason is a senior security analyst at a major financial institute in Canada. His recent SANS Institute courseware development includes Cutting-Edge Hacking Techniques and Web Application Security Workshop. Jason started his career as a programmer before moving on to ISP network administration where he handled network security incidents, which sparked his interest in infosec work. Jason specializes in network perimeter protection, penetration testing and intrusion detection. He currently holds a B.A. in Computer Science from York University in Toronto, Ontario as well as CISSP, GCIA, GCFW, GCUX, GCWN, GCIH.
  • Jason will be teaching:
top^
Rob Lee
Rob Lee is a Principal Consultant for MANDIANT, a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. Government. Rob has over 11 years experience in computer forensics, vulnerability discovery, intrusion detection, and incident response. Rob graduated the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on Information Operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations and computer forensics. Prior to joining MANDIANT, he worked on contracts for a variety of government agencies, where he was the technical lead for a vulnerability discovery team, contractor lead for cyber forensics branch, and led a security software development team. Rob also coauthored the bestselling book, Know Your Enemy, 2nd Edition. In addition to working for MANDIANT and the SANS Institute, Rob is currently pursuing his MBA at Georgetown University in Washington D.C.
top^
John Myers
John Myers has thirty-plus years of Cryptography, Communications Security (COMSEC), Emission Security (TEMPEST), Computer Security (COMPUSEC), electronic data processing (EDP) security, information security (INFOSEC), and enterprise information assurance (IA) experience.  Experience ranges from technician level to senior technical and managerial positions. Expertise focused on all areas of security certification and accreditation (C&A). Performed C&As on applications, stand-alone systems, local area networks, wide area networks and legacy systems.  Over five years of classroom instruction, instructional systems design, and course development.
top^
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu. Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of Chief for Information Warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.
top^
Hal Pomeranz
Hal is founder and CEO of Deer Run Associates, a systems management and security consulting firm. He has spent more than fifteen years managing systems and networks for some of the largest commercial, government, and academic organizations in the country. He is the Technical Editor for SysAdmin Magazine and was the recipient of the 2001 SAGE Outstanding Achievement award for his teaching and leadership in the field of System Administration. Hal participated in the first SANS conference and designed the SANS Step-by-Step course model. He is a top-rated instructor and author on topics ranging from information security to system and network management to Perl programming.
top^
Mike Poor
Mike is a founder and Senior Security Analyst for the DC firm Intelguardians LLC. In his recent past life he has worked for Sourcefire, as a research engineer, and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus however is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications, and is an expert in network engineering and systems, network and web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress, and is a Handler for the Internet Storm Center.
top^
Marcus Sachs
Marcus Sachs serves as Executive Director of Government Affairs for National Security Policy at Verizon in Washington, D.C. Prior to joining Verizon in August 2007, he was the deputy director of SRI International's Computer Science Laboratory. Marcus has served as the director of the SANS Internet Storm Center since 2003, and is an internationally recognized computer security expert. He brings over 26 years of professional experience to SANS including 20 years of active military service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee to the National Security Council staff in the George W. Bush administration. Marcus was the first cyber security official assigned to the Department of Homeland Security in 2003 where he developed the initial concept and strategy for the creation of the United States Computer Emergency Response Team. He was also a founding member of the Defense Department's Joint Task Force for Computer Network Defense, created in 1998 as the first US military organization designed to fight foreign threats in cyberspace. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree. He is currently pursuing a Ph.D. in Public Policy with a concentration in Science and Technology. Marcus is a licensed Professional Engineer in the Commonwealth of Virginia.
top^
Richard Salgado
Richard P. Salgado is a Senior Legal Director with Yahoo! Inc., where he focuses on international privacy, security and law enforcement compliance matters. Prior to joining Yahoo!, Mr. Salgado served as Senior Counsel in the Computer Crime and Intellectual Property Section of the United States Department of Justice. As a federal prosecutor, Mr. Salgado specialized in investigating and prosecuting computer network cases, such as computer hacking, illegal computer wiretaps, denial of service attacks, malicious code and other technology-driven privacy crimes. Mr. Salgado also regularly speaks on the legal and policy implications of searching and seizing computers and electronic evidence, emerging surveillance technologies, digital evidence and related criminal conduct. Mr. Salgado is a lecturer in law at Stanford Law School, where he teaches a Computer Crime seminar; he previously served as an adjunct law professor at Georgetown University Law Center and George Mason Law School, and as a faculty member of the National Judicial College. Mr. Salgado graduated magna cum laude from the University of New Mexico and in 1989 received his J.D. from Yale Law School.
top^
Stephen Sims
Stephen Sims is an Information Security Consultant currently working for Wells Fargo in San Francisco, CA. He has spent the past seven years in the Bay Area working for several large financial institutions on Network and Systems Security, Reverse-Engineering Malware, Risk Assessment and Management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a Network Security Engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who holds the GIAC Security Expert (GSE) Certification and is currently working with GIAC and White Wolf Security to administer this years exam in Las Vegas. . He is a SANS certified instructor and holds several other certifications such as the CISSP and CISA and is currently co-authoring a book on exploit techniques.
top^
Ed Skoudis
Ed Skoudis is a co-founder and Senior Security Analyst with Intelguardians, a Washington DC based information security consulting firm. Ed teaches SANS Security 504, "Hacker Techniques, Exploits and Incident Handling," and 517, "Cutting Edge Hacking Techniques," on a regular basis. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, provided detailed expert witness services in cases involving major credit card theft, and responded to computer attacks for clients in the financial, high technology, healthcare, and other industries. Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published several articles on these topics, as well as the books Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004, 2005, and 2006 Microsoft MVP awards for Windows Server Security, and is an alumnus of the Honeynet Project. Previous to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).
top^
Rick Smith
Rick Smith is a Senior System Security Engineer working in SAIC's Common Criteria and Cryptographic Module Testing Laboratories.  He also provides information security consulting services to Department of Defense and civilian government agencies. Rick holds the GIAC Security Expert certification and several other GIAC certifications including GSNA and GCFA.  His other IT certifications include CISSP, ISSEP, CISA and, MCSE+I. Rick has been active within the SANS community, he serves as: a member of the GIAC Advisory Board and as an instructor in the Community SANS and SANS Stay Sharp Programs. Rick is currently pursuing a Masters of Information Security Engineering degree from The SANS Technology Institute (STI).
top^
John Strand
John Strand currently teaches the SANS GCIH and CISSP classes. He is currently certified GIAC Gold in the GCIH and GCFW and is a Certified SANS Instructor. He is also a holder of the CISSP certification. He started working computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. He then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He is currently employed with SANS managing the local mentor program. He also is a consultant with Argotek, Inc. He has a Masters degree from Denver University, and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.
top^
James Tarala
James Tarala is a principal consultant with Enclave Hosting, LLC and is based out of Venice, FL. He is a regular speaker and senior instructor with the SANS Institute, as well as a courseware author and editor for many of their auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University, his graduate work at the University of Maryland, and holds numerous professional certifications.
top^
Dr. Johannes Ullrich, Ph.D.
As Chief Research Officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a Ph.D. in Physics from SUNY Albany and is located in Jacksonville FL.
top^
Steve Whalen
Steve Whalen, CFCE is currently a Director with Forward Discovery, Inc., an Information Security provider with offices in Washington DC, Texas, North Carolina and Delaware. Prior to joining the Forward Discovery team, Mr. Whalen served 15 years as a Delaware State Trooper. During his time with the state police, Mr. Whalen spent several years as a detective with the Criminal Investigations Unit where he investigated major crimes against persons and property. Mr. Whalen has taught law enforcement officers abroad in several countries throughout Europe, Asia, and Africa as a part of the Anti-Terrorism Assistance Program for the United States Department of State. Mr. Whalen regularly participates in the National Institute of Justice – Electronic Crime Partnership Initiative program which develops strategies for combating electronic crimes.
top^
Benjamin Wright
Ben, recognized the world over as one of the leading lawyers in e-commerce, is the founding author of The Law of Electronic Commerce, a comprehensive book on the legality of electronic transactions and computerized business records. Since 1988, Wright has delivered over 500 speeches on e-commerce, privacy, records management, and computer security and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. He wrote and presented to the Sri Lankan government a report on technology law, which contributed to the adoption of national e-commerce legislation in 2005.
top^
Joshua Wright
Joshua is the author of several papers on wireless security and intrusion analysis, and the co-author of Securing Cisco Routers: Step-by-Step, a book published by the SANS Institute. In a consulting role, he has worked with Fortune 500 companies, federal agencies, and educational institutions addressing issues related to wireless security, vulnerability assessment, and secure network design. He currently serves as the senior security researcher for Aruba Wireless Networks and is an instructor for the SANS Institute.
top^
Lenny Zeltser
Lenny Zeltser leads the New York security consulting team at SAVVIS, a premier provider of IT infrastructure and hosting services. He is also a member of the Board of Directors at SANS Technology Institute, a senior faculty member at SANS, and an incident handler at the Internet Storm Center. Lenny co-authored a number of books, including Inside Network Perimeter Security and Malware: Fighting Malicious Code. He also contributed articles to publications such as the Information Security magazine, and presented to IT executives at conferences and private summits. In addition to holding the CISSP certification, Lenny is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. He has an MBA degree from MIT Sloan and a Computer Science degree from the University of Pennsylvania. More information about Lenny's projects and interests is available at http://www.zeltser.com.
top^