- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive!
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top Security Risks
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
Baltimore, MD - June 13 - 22, 2009
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
SANS always provides the best training and trainers with a vast amount of knowledge.
-Mike Brennan, SSIC
Faculty for SANSFIRE 2009
Tanya Baccam
Tanya is a SANS senior instructor as well as a SANS courseware author. She provides many security consulting services for clients, such as system audits, vulnerability and risk assessments, database audits, and Web application audits. Tanya has previously worked as the director of assurance services for a security services consulting firm and the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Throughout her career she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, and Oracle DBA certifications.- Tanya will be teaching:
- AUD 521.1 Meeting the Minimum: PCI/DSS 1.2: Becoming and Staying Compliant
- AUD 521.2 Meeting the Minimum: PCI/DSS 1.2: Becoming and Staying Compliant
- AUD 507.1 Audit Principles, Risk Assessment, and Effective Reporting
- AUD 507.2 Auditing the Perimeter
- AUD 507.3 Network Auditing Essentials
- AUD 507.4 Web Application Auditing
- AUD 507.5 Advanced Windows Auditing
- AUD 507.6 Auditing Unix Systems
Chris Brenton
Chris Brenton is a private consultant with over ten years of experience in the field. He is one of the founding members of the initial Honeynet Project and one of the original Internet Storm Center handlers, and he started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Protection In-Depth course. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.- Chris will be teaching:
- SEC 502.1 TCP/IP for Firewalls
- SEC 502.2 Firewalls, NIDS, and NIPS
- SEC 502.3 Wire Products and Assessment
- SEC 502.4 Host Level Security
- SEC 502.5 Securing the Wire
- SEC 502.6 Perimeter Wrap Up
- SEC 434 Log Management In-Depth: Compliance, Security, Forensics, and Troubleshooting
Eric Cole, PhD
Dr. Eric Cole is an industry-recognized security expert with over 15 years of hands-on experience. Cole currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Cole has experience in information technology with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Cole has a master's degree in computer science from NYIT and a PhD from Pace University with a concentration in information security. Dr. Cole is the author of several books, including Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is also the CTO of the Americas for McAfee. Cole is actively involved with the SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware. He is a SANS faculty fellow and course author.- Eric will be teaching:
- SEC 501.1 Defensive Network Infrastructure
- SEC 501.2 Packet Analysis
- SEC 501.3 Pentest
- SEC 501.4 First Responder
- SEC 501.5 Malware
- SEC 501.6 Data Loss Prevention
Eric Conrad
Certified SANS instructor Eric Conrad's career began in 1991 as a Unix sysadmin for a small oceanographic communications company. He gained experience in a variety of industries, including research, education, power, Internet, and healthcare, and has worked with companies such as Mitsubishi Electric Research Labs, Boston University, The Open Group, Navipath, and Caritas Christi Health Care. He is now an independent information security consultant focusing on intrusion detection, incident handling, and penetration testing. He is a graduate of the SANS Technology Institute with a Master of Science degree in information security engineering. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. He is a contributing author to SANS HIPAA Security Implementation. Eric also blogs about information security at www.ericconrad.com.
- Eric will be teaching:
- MGT 414.1 Overview and Access Control Systems & Methodology
- MGT 414.2 Telecommunications, Network & Internet Security and Security Management Practices
- MGT 414.3 Applications & Systems Development and Cryptography
- MGT 414.4 Security Architecture & Models and Operations Security
- MGT 414.5 Business Continuity Planning and Law, Investigations & Ethics
- MGT 414.6 Physical Security
Ralph Durkee
Ralph Durkee had an early start to his 29 year career of Software Development and Security Consulting, when he started his first full time permanent programming job at the age of 18 after already having finishing 2 years of college. About a year after graduating with his BS in CS, Ralph was appointed acting supervisor of a programming team of 5. From there he went on to AT&T Bell Labs to become the lead designer and developer of a real time transaction database system called TUXEDO. Moving back home to Rochester, NY, Ralph started his own security consulting business in 1996. Ralph is also the founder and president for the Rochester, NY Chapter since 2004. He has performed a variety of security audits and software security assessments and secure software development consultations for clients in the Rochester, NY area. His expertise in application security and secure Internet and web services is based on years of both hands-on and technical training experience. He has developed and taught a wide variety of professional security seminars including custom web application security training, and SANS SEC504 - Hacker Techniques. Ralph regularly leads development of a wide variety of security standards such as application security, database encryption and security consulting for compliance with the Payment Card Industry Data Security Standard. Ralph has also led the development of several security benchmarks (standards) for the Center for Internet Security including Red Hat Linux, FreeBSD, Apache, DNS BIND, LDAP and RADIUS. Finally Ralph is served as a chair for the very successful Rochester Security Summit since it started in 2006. Ralph holds the following certifications: CISSP, GSEC, GCIH, GSNA, GPEN- Ralph will be teaching:
- SEC 504.1 Incident Handling Step-by-Step and Computer Crime Investigation
- SEC 504.2 Computer and Network Hacker Exploits - Part 1
- SEC 504.3 Computer and Network Hacker Exploits - Part 2
- SEC 504.4 Computer and Network Hacker Exploits - Part 3
- SEC 504.5 Computer and Network Hacker Exploits - Part 4
- SEC 504.6 Hacker Tools Workshop
Jason Fossen
Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the Windows day of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He graduated from the University of Virginia, received his master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas. Jason blogs about Windows Security Issues on the SANS Windows Security Blog.
- Jason will be teaching:
- SEC 505.1 Securing Active Directory and DNS
- SEC 505.2 Enforcing Critical Controls With Group Policy
- SEC 505.3 Windows PKI, EFS and BitLocker
- SEC 505.4 Windows Firewall, IPSec, Wireless and VPNs
- SEC 505.5 Securing IIS 7.0
- SEC 505.6 Windows PowerShell
Jeff Frisk
Jeff holds the PMP and GSEC credentials and currently serves as the director of the GIAC program. He has worked on many projects for SANS and GIAC, including courseware, certification, and exam development. Jeff has an engineering degree from The Rochester Institute of Technology and more than 15 years of IT project management experience with computer systems, high-tech consumer products, and business development initiatives. Jeff has held various positions, including managing operations, product development, electronic systems / computer engineering. He has many years of international and high-tech business experience working with both big and small companies to develop computer hardware and software products and services.- Jeff will be teaching:
- MGT 525.1 Project Management Structure and Framework
- MGT 525.2 Project Charter and Scope Management
- MGT 525.3 Time and Cost Management
- MGT 525.4 Communications and Human Resources
- MGT 525.5 Quality and Risk Management
- MGT 525.6 Procurement and Project Integration
Bryce Galbraith
Bryce began his IT journey at 10 years of age with a Commodore 64 and a 300 baud modem. As a contributing author of the internationally bestselling book Hacking Exposed: Network Security Secrets & Solutions, Bryce helped bring the secret world of hacking out of the darkness and into the public eye. Bryce has held security positions at global ISPs and Fortune 500 companies as well as being a senior member of Foundstone's world-renowned attack and penetration team. Bryce also served as senior instructor and co-author of Foundstone's Ultimate Hacking: Hands-On series. He has taught the art of ethical hacking and countermeasures to thousands of IT professionals from a who's who of top companies, financial institutions, and government agencies around the globe. Bryce currently teaches Security 504: Hacker Techniques, Exploits, and Incident Handling, Security 560: Network Penetration Testing and Ethical Hacking, Security 517: Cutting-Edge Hacking Techniques, Security 550: Information Reconnaissance: Competitive Intelligence and Online Privacy, Security 401: SANS Security Essentials Bootcamp Style, Security 553: Metasploit for Penetration Testers, Security 561: Network Penetration Testing: Maximizing the Effectiveness of Reports, Exploits, and Command Shells, and several other courses for the SANS Institute. Bryce is an active member of several security-related professional organizations, he speaks at a variety of conferences, and he holds a number of certifications: CISSP, GCIH, GSEC, CEH, CHFI, Security+, and CCNA. Bryce is currently the chief hacking officer at Layered Security, where he provides vulnerability assessment services to clients around the world. Bryce also blogs about security issues at http://blog.layeredsec.com.
- Bryce will be teaching:
- SEC 401.1 Networking Concepts
- SEC 401.2 Defense In-Depth
- SEC 401.3 Internet Security Technologies
- SEC 401.4 Secure Communications
- SEC 401.5 Windows Security
- SEC 401.6 Linux Security
- SEC 517 Cutting-Edge Hacking Techniques
Jonathan Ham
Jonathan is an independent consultant who specializes in large-scale enterprise security issues, from policy and procedure, through staffing and training, to scalable prevention, detection, and response technology and techniques. With a keen understanding of ROI and TCO (and an emphasis on process over products), he has helped his clients achieve greater success for over 12 years, advising in both the public and private sectors, from small upstarts to the Fortune 500. He's been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than 2000 feet underground, and chartered and trained the CIRT for one of the largest U.S. civilian Federal agencies. He currently holds the CISSP, GSEC, GCIA, and GCIH certifications, and is a member of the GIAC Advisory Board. A former combat medic, Jonathan still spends some of his time practicing a different kind of emergency response, volunteering and teaching for both the National Ski Patrol and the American Red Cross.- Jonathan will be teaching:
- SEC 558.1 Network Forensics
- SEC 558.2 Network Forensics
- SEC 558.3 Network Forensics
- SEC 556 Comprehensive Packet Analysis
- SEC 558 Network Forensics
- SEC 558 Network Forensics
- SEC 558 Network Forensics
Kevin Johnson
Kevin Johnson is a senior security analyst with InGuardians, LLC. Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin founded and leads the development on the Basic Analysis and Security Engine (BASE) project, the most popular Web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both SEC504: Hacker Techniques, Exploits, and Incident Handling and SEC542: Web App Penetration Testing and Ethical Hacking. He has presented to many organizations, including Infragard, ISACA, ISSA, and the University of Florida.- Kevin will be teaching:
- SEC 542.1 Web App Penetration Testing and Ethical Hacking: The Attacker's View of the Web
- SEC 542.2 Web Penetration Testing and Ethical Hacking: Reconnaissance and Mapping
- SEC 542.3 Web Penetration Testing and Ethical Hacking: Server-Side Discovery
- SEC 542.4 Web Penetration Testing and Ethical Hacking: Client-Side Discovery
- SEC 542.5 Web Penetration Testing and Ethical Hacking: Exploitation
- SEC 542.6 Web Penetration Testing and Ethical Hacking: Capture the Flag
Fred Kerby
Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred's presentations reflect his opinions and are not the opinions of the Department of the Navy.- Fred will be teaching:
- SEC 301.1 A Framework for Information Security
- SEC 301.2 Securing the Infrastructure
- SEC 301.3 Cryptography and Security in the Enterprise
- SEC 301.4 Information Security Policy
- SEC 301.5 Defense In-Depth: Lessons Learned
- SEC 301.1 A Framework for Information Security
- SEC 301.2 Securing the Infrastructure
- SEC 301.3 Cryptography and Security in the Enterprise
- SEC 301.4 Information Security Policy
- SEC 301.5 Defense In-Depth: Lessons Learned
Frank Kim
Frank Kim is a co-founder and principal consultant with Think Security Consulting (http://www.thinksec.com), a San Francisco Bay area based application security consulting firm. Frank is an author and instructor for SANS Security 541: Secure Coding in Java/JEE. He has over ten years of experience developing applications using Java/Java EE and has designed and developed Web applications for large health care, technology, insurance, and consulting companies. Frank currently focuses on integrating security into the software development life cycle by doing penetration testing, security assessments, architecture reviews, code reviews, and training. Frank holds the CISSP, GPEN, GCIH, GCFA, GCIA, and GSSPJava certifications and is a Sun Certified Java Developer and Programmer.- Frank will be teaching:
- DEV 541.1 Data Validation
- DEV 541.2 Authentication & Session Management
- DEV 541.3 Access Control & Java Security APIs
- DEV 541.4 Java Language & JRE Security Topics
- DEV 534 Secure Code Review for Java Web Apps
Rob Lee
Rob Lee is a Director for MANDIANT, a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute. Rob has more than 14 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. He was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast Awards. He blogs about computer forensic and incident response topics at the SANS Computer Forensic Blog. Rob also co-authored the MANDIANT threat intelligence report - M-Trends: The Advanced Persistent Threat.
- Rob will be teaching:
- SEC 408.1 Forensic and E-discovery Fundamentals
- SEC 408.2 Evidence Acquisition and Analysis
- SEC 408.3 Core Windows Forensics Part I
- SEC 408.4 Core Windows Forensics Part II
- SEC 408.5 Forensic Challenge and Mock Trial
- SEC 526 Advanced Filesystem Recovery and Memory Forensics
Scott Moulton
Scott Moulton is president of Forensic Strategy Services, LLC and also owns a data recovery company called My Hard Drive Died.com. Scott has been doing computer forensics for almost nine years. He began his career with a specialty in rebuilding hard drives for investigative purposes. Since that time he has handled hard drives for many court cases that have involved depositions and testifying, including a murder investigation. Recently Scott worked on an FBI case where he had to completely reassemble a damaged hard drive, successfully recovering 97% of the data. Throughout his career, Scott has continued to develop new methods and teach them to the public, publish videos on how to recover hard drives and retrieve data long thought dead, and give presentations on his processes and methodologies all over the United States. His material has been used in courts around the world.- Scott will be teaching:
- SEC 606.1 Drive and Data Recovery Forensics
- SEC 606.2 Drive and Data Recovery Forensics
- SEC 606.3 Drive and Data Recovery Forensics
- SEC 606.4 Drive and Data Recovery Forensics
- SEC 606.5 Drive and Data Recovery Forensics
Michael Murr
Michael has been a forensic analyst with Code-X Technologies for over five years, has conducted numerous investigations and computer forensic examinations, and has performed specialized research and development. Michael has taught SANS Security 504 (Hacker Techniques, Exploits, and Incident Handling), SANS Security 508 (Computer Forensics, Investigation, and Response), and SANS Security 601 (Reverse-Engineering Malware); has led SANS@Home courses; and is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM certifications and has a degree in computer science from California State University at Channel Islands. Michael also blogs about Digital forensics on his Forensic Computing blog.
- Michael will be teaching:
- SEC 508.1 Forensic and Investigative Essentials
- SEC 508.2 Forensic Methodology Illustrated Part 1
- SEC 508.3 Forensic Methodology Illustrated Part 2
- SEC 508.4 Windows Filesystem Forensics
- SEC 508.5 Computer Investigative Law for Forensic Analysts
- SEC 508.6 Advanced Forensics and the Forensic Challenge
- SEC 553 Metasploit for Penetration Testers
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as president of the SANS Technology Institute, a postgraduate level IT security college (www.sans.edu). Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.
Since 2007 Stephen has conducted over 34 in-depth interviews with leaders in the security industry, from CEOs of security product companies to the most well-known practitioners in order to research the competencies required to be a successful leader in the security field. He maintains the SANS Leadership Laboratory, where research on these competencies is posted as well as SANS Security Musings. He is the lead author for Execubytes, a monthly newsletter that covers both technical and pragmatic information for security managers. He leads the Management 512 Alumni forum, where hundreds of security managers post questions. He is the lead author/instructor for Management 512: SANS Security Leadership Essentials for Managers, a prep course for the GSLC certification that meets all levels of requirements for DoD Security Managers per DoD 8570, and he also is the lead author/instructor for Management 421: SANS Leadership and Management Competencies. Stephen also blogs at the SANS Security Leadership blog.
- Stephen will be teaching:
- MGT 512.1 Managing the Plant, Network, and Information Architecture
- MGT 512.2 Defense In Depth
- MGT 512.3 Secure Communications
- MGT 512.4 The Value of Information
- MGT 512.5 Management Practicum
- MGT 421 SANS Leadership and Management Competencies
Mike Poor
Mike is a founder and senior security analyst for the DC firm InGuardians LLC. In his recent past life he has worked for Sourcefire as a research engineer and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus, however, is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and Web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress and is a handler for the Internet Storm Center.- Mike will be teaching:
- SEC 503.1 TCP/IP for Intrusion Detection
- SEC 503.2 Network Traffic Analysis Using TCPdump - Part 1
- SEC 503.3 Network Traffic Analysis Using TCPdump - Part 2
- SEC 503.4 Intrusion Detection Snort Style
- SEC 503.5 Security Information Management and Traffic Analysis - Part 1
- SEC 503.6 Security Information Management and Traffic Analysis - Part 2
David Rice
David Rice is an internationally recognized cyber security expert, consulting director for policy reform at the U.S. Cyber Consequences Unit, and author of the critically acclaimed book Geekonomics: The Real Cost of Insecure Software. Mr. Rice is a key figure shaping the discussion of cyber security, and his work impacts both U.S. and European cyber security policy. As director of The Monterey Group, a private consulting firm, Mr. Rice advises a variety of clients on a range of issues, including cyber strategy development and execution, corporate cyber risk management, cyber security metrics, identity management, and secure software development practices.
- David will be teaching:
- DEV 544.1 Data Validation
- DEV 544.2 Authentication & Session Management
- DEV 544.3 Secure .NET Architecture
- DEV 544.4 .NET Framework Security
Stephen Sims
Stephen Sims is an information security consultant currently working for Wells Fargo in San Francisco, California. He has spent the past eight years in San Francisco working for several large financial institutions on network and systems security, penetration testing, exploitation development, risk assessment and management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a network security engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who hold the GIAC Security Expert (GSE) Certification and also helps to author and maintain the current version of the exam. He is a SANS certified instructor and the course author of SANS' first and only 700-level course, SEC709: Developing Exploits for Penetration Testers and Security Researchers. Stephen also holds the CISSP, CISA, and Network Offense Professional (NOP) certification, amongst others.- Stephen will be teaching:
- SEC 709.1 Fuzzing for Bug Discovery
- SEC 709.2 Linux Memory and Stack Exploitation
- SEC 709.3 Advanced Linux Exploitation and Introduction to Windows
- SEC 709.4 Windows Stack and Heap Exploitation
- SEC 709.5 Capture the Flag
John Strand
John Strand currently is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at vimeo.com/album/26207. He started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. John then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a master's degree from Denver University and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.- John will be teaching:
- SEC 560.1 Network Penetration Testing: Planning, Scoping, and Recon
- SEC 560.2 Network Penetration Testing: Scanning
- SEC 560.3 Network Penetration Testing: Exploitation
- SEC 560.4 Network Penetration Testing: Password Attacks
- SEC 560.5 Network Penetration Testing: Wireless and Web Apps
- SEC 560.6 Penetration Testing Workshop & Capture the Flag Event
- SEC 561 Network Penetration Testing: Maximizing the Effectiveness of Reports, Exploits, and Command Shells
James Tarala
James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.- James will be teaching:
- MGT 411.1 Introduction to ISO/IEC 27000: Policy, ISMS & Awareness
- MGT 411.2 SANS 27000 Controls & Process Improvement I
- MGT 411.3 SANS 27000 Controls & Process Improvement II
- MGT 411.4 SANS 27000 Controls & Process Improvement III
- MGT 411.5 Risk Management, Security Compliance & Audit Controls
- MGT 411.6 ISO 27000 Implementation
- AUD 429 IT Security Audit Essentials Bootcamp
Johannes Ullrich, PhD
As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.
- Johannes will be teaching:
- SEC 540.1 Day 1 - VoIP Systems, Infrastructure and Design
- SEC 540.2 Day 2 - VoIP Protocols and Analysis
- SEC 540.3 VoIP Signaling Threats and Attacks, Part 1
- SEC 540.4 VoIP Signaling Threats and Attacks, Part 2
- SEC 540.5 Day 5 - VoIP Security
- SEC 540.6 Day 6 - VoIP Architecture
- SEC 546 IPv6 Essentials
Joshua Wright
Joshua Wright is a Senior Security Analyst with InGuardians, LLC and a Senior Instructor with the SANS Institute. A widely recognized expert in the wireless security field, Josh has worked with private and government organizations to evaluate the threat surrounding wireless technology. As an open-source enthusiast, Josh has developed a variety of tools that can be leveraged for penetration testing and security analysis. Prior to joining InGuardians, Josh was the Senior Security Researcher for Aruba Networks, leading a team committed to significantly improving the security of modern networks. In his spare time, Josh looks for any opportunity to void the warranty on wireless electronics. He also blogs about ethical hacking tips.
- Joshua will be teaching:
- SEC 617.1 Wireless Architecture and Analysis
- SEC 617.2 Wireless Security Exposed, Part 1
- SEC 617.3 Wireless Security Exposed, Part 2
- SEC 617.4 Wireless Security Exposed, Part 3
- SEC 617.5 Wireless Security Exposed, Part 4
- SEC 617.6 Wireless Security Strategies and Implementation
Lenny Zeltser
Lenny Zeltser leads the security consulting practice at Savvis. He is also a board of directors member at SANS Technology Institute, a SANS faculty member, and an incident handler at the Internet Storm Center. Lenny frequently speaks on information security and related business topics at conferences and private events, writes articles, and has co-authored several books.
Lenny is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. He also holds the CISSP certification. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania. For more information about his projects, see http://www.zeltser.com.
- Lenny will be teaching:
- SEC 610.1 Reverse-Engineering Malware: The Essentials of Malware Analysis, Part 1
- SEC 610.2 Reverse-Engineering Malware: The Essentials of Malware Analysis, Part 2
- SEC 610.3 Reverse-Engineering Malware Additional Tools and Techniques, Part 1
- SEC 610.4 Reverse-Engineering Malware Additional Tools and Techniques, Part 2
- © 2000-2010 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy