Certified Security Instructors

Tanya Baccam - SANS Senior Instructor

Tanya is a SANS senior instructor as well as a SANS courseware author. She provides many security consulting services for clients, such as system audits, vulnerability and risk assessments, database audits, and Web application audits. Tanya has previously worked as the director of assurance services for a security services consulting firm and the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Throughout her career she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, and Oracle DBA certifications.

View upcoming courses taught by Tanya Baccam

George Bakos - SANS Certified Instructor

George Bakos has been interested in computer security since the early 1980s when he discovered the joys of BBSs and corporate databases. These days he is a senior engineer for Northrop Grumman's Cyber Threat Analysis & Intelligence team working to understand what's going on inside the minds and hearts of his adversaries. He was the developer of Tiny Honeypot and the IDABench intrusion analysis system and was one of the researchers behind the Dartmouth Distributed Honeynet System. George developed and taught the U.S. Army National Guard's CERT technical curriculum and ran the NGB's Information Operations Training and Development Center research lab for two years, fielding and supporting Computer Emergency Response Teams nationwide. Outside the lab, George enjoys the beauties of his home state, Vermont, through skiing, ice and rock climbing, and mountain biking.

View upcoming courses taught by George Bakos

Ryan Barnett - SANS Certified Instructor

Ryan C. Barnett is the Director of Application Security Training at Breach Security. He is also a Faculty Member for the SANS Institute, where his duties include Instructor/Courseware Developer for Apache Security/Building a Web Application Firewall Workshop, Top 20 Vulnerabilities Team Member and Local Mentor for the SANS Track 4, "Hacker Techniques, Exploits and Incident Handling" course. He holds six SANS Global Information Assurance Certifications (GIAC): Intrusion Analyst (GCIA), Systems and Network Auditor (GSNA), Forensic Analyst (GCFA), Incident Handler (GCIH), Unix Security Administrator (GCUX) and Security Essentials (GSEC). In addition to the SANS Institute, he is also the Team Lead for the Center for Internet Security Apache Benchmark Project and a Member of the Web Application Security Consortium. Mr. Barnett has also authored a web security book for Addison/Wesley Publishing entitled "Preventing Web Attacks with Apache."

View upcoming courses taught by Ryan Barnett

Chris Brenton - SANS Faculty Fellow

Chris Brenton is a private consultant with over ten years of experience in the field. He is one of the founding members of the initial Honeynet Project and one of the original Internet Storm Center handlers, and he started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Protection In-Depth course. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.

View upcoming courses taught by Chris Brenton

Guy Bruneau - SANS Certified Instructor

Guy is a Senior Security Consultant with IPSS Inc. in Ottawa, Ontario. He works within IPSS Inc. security practice assisting clients with their Security needs, implementation and engineering of Intrusion Detection/Prevention Systems (IDS/IPS) on large networks, integration of Enterprise Security Management (ESM) solutions, Network Security Auditing, and Incident Response and Reporting. Guy has a B.A. (IT) from University of Quebec, holds GIAC GSEC, GCIA, GCIH, GCUX, GCFA and ISSPCS certifications. He is a SANS certified instructor, a course author and Stay Sharp instructor. He authored the OS hardened Snort with Sguil IDS platform where the ISO is freely available at: http://www.whitehats.ca.

View upcoming courses taught by Guy Bruneau

Eric Cole, PhD - SANS Faculty Fellow

Dr. Eric Cole is an industry-recognized security expert with over 15 years of hands-on experience. Cole currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Cole has experience in information technology with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Cole has a master's degree in computer science from NYIT and a PhD from Pace University with a concentration in information security. Dr. Cole is the author of several books, including Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is also the CTO of the Americas for McAfee. Cole is actively involved with the SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware. He is a SANS faculty fellow and course author.

View upcoming courses taught by Eric Cole, PhD

Eric Conrad - SANS Certified Instructor

Certified SANS Instructor Eric Conrad's career began in 1991 as a Unix sysadmin for a small oceanographic communications company. He gained experience in a variety of industries, including research, education, power, Internet, and healthcare, and has worked with companies such as Mitsubishi Electric Research Labs, Boston University, The Open Group, Navipath, and Caritas Christi Health Care. He is now an independent information security consultant focusing on intrusion detection, incident handling, and penetration testing. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, GSEC certifications. He is a contributing author to SANS HIPAA Security Implementation.

View upcoming courses taught by Eric Conrad

Ted Demopoulos - SANS Certified Instructor

Ted Demopoulos' first significant exposure to computers was in 1977 when he had unlimited access to his high school's PDP-11 and hacked at it incessantly. He consequently almost flunked out but learned he liked playing with computers a lot. His business pursuits began in college and have been continuous ever since. His background includes over 20 years of experience in information security and business, including 15+ years as an independent consultant. Ted helped start a successful information security company, was the CTO at a "textbook failure" of a software startup, and has advised several other businesses. Ted is a frequent speaker at conferences and other events, quoted often by the press, and blogs on new media at BloggingForBusinessBook.com. In his spare time he writes books on Web 2.0, including Blogging for Business and What No One Ever Tells You About Blogging and Podcasting. He also has an ongoing software concern in Hong Kong, The Arial Group, an enterprise risk management solutions provider. Ted lives in New Hampshire with his wife, three children and dog.

View upcoming courses taught by Ted Demopoulos

Richard Fifarek - SANS Institute

Richard Fifarek has 10+ years experience focusing on UNIX/Linux systems administration and security. He has worked in small start-ups, academia, and large federal organizations ranging from UNIX/Linux systems administration to IT Systems Security Officer. He currently works as a Sr. Systems Administrator for the SANS Institute. Richard holds multiple GIAC Certifications.

View upcoming courses taught by Richard Fifarek

Jason Fossen - SANS Faculty Fellow

Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the Windows day of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He graduated from the University of Virginia, received his master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.

View upcoming courses taught by Jason Fossen

Stephen Fried - SANS Certified Instructor

Stephen Fried is the Director of Global Information Security at Lucent Technologies, leading the team responsible for protecting Lucent's electronic and information infrastructure. Stephen began his professional career at AT&T in 1985 and has held a wide range of technical and management positions in such areas as software development, database design, call center routing, computing research, and information security for AT&T, Lucent Technologies and Avaya. In more recent history, Stephen has developed the information security program for two Fortune 500 companies, dealing with topics like policy development, risk assessment, technology development & deployment and security outsourcing. Stephen is a Certified Information Systems Security Professional and holds a B.S. in Telecommunications Management and a M.S. in Computer Science.

View upcoming courses taught by Stephen Fried

Jeff Frisk - SANS Certifed Instructor

Jeff holds the PMP and GSEC credentials and currently serves as the director of the GIAC program. He has worked on many projects for SANS and GIAC, including courseware, certification, and exam development. Jeff has an engineering degree from The Rochester Institute of Technology and more than 15 years of IT project management experience with computer systems, high-tech consumer products, and business development initiatives. Jeff has held various positions, including managing operations, product development, electronic systems / computer engineering. He has many years of international and high-tech business experience working with both big and small companies to develop computer hardware and software products and services.

View upcoming courses taught by Jeff Frisk

Bryce Galbraith - SANS Certified Instructor

Bryce began his IT journey at 10 years of age with a Commodore 64 and a 300 baud modem. As a contributing author of the internationally bestselling book Hacking Exposed: Network Security Secrets & Solutions, Bryce helped bring the secret world of hacking out of the darkness and into the public eye. Bryce has held security positions at global ISPs and Fortune 500 companies as well as being a senior member of Foundstone's world-renowned attack and penetration team. Bryce also served as senior instructor and co-author of Foundstone's "Ultimate Hacking: Hands-On" series. He has taught the art of ethical hacking and countermeasures to thousands of IT professionals from a who's who of top companies, financial institutions, and government agencies around the globe. Bryce currently teaches Security 504: Hacker Techniques, Exploits and Incident Handling, Security 560: Network Penetration Testing and Ethical Hacking, Security 517: Cutting-Edge Hacking Techniques, Security 550: Advanced Information Recon, Security 401: SANS Security Essentials Bootcamp Style, and Security 561: Network Penetration Testing: Maximizing the Effectiveness of Reports, Exploits, and Command Shells for the SANS Institute. Bryce is an active member of several security-related professional organizations, he speaks at a variety of conferences, and he holds a number of certifications: CISSP, GCIH, GSEC, CEH, CHFI, Security+, and CCNA. Bryce is currently the lead consultant and co-founder of Layered Security.

View upcoming courses taught by Bryce Galbraith

Jess Garcia - SANS Certified Instructor

Jess Garcia, founder of One eSecurity, is a senior security engineer with over 15 years of experience in information security. During the last five years Jess has worked on highly sensitive projects in Europe, the United States, Latin America, and the Middle East with top global customers in the financial, insurance, corporate, media, health, communications, legal, and government sectors. His work has included incident response, computer forensics, malware analysis, security architecture design and review, and more. Previously, Jess worked for 10 years as a systems, network, and security engineer in the Spanish Space Agency, where he collaborated as a security advisor with the European Space Agency, NASA, and other international organizations.

Jess is a frequent speaker at security events, having been invited to dozens of them around the world during the last few years. Jess has also contributed to several books, articles, SANS courseware, the GIAC program, etc. Jess is an active security researcher in areas such as incident response and computer forensics and honeynets. Jess holds a Masters of Science in telecommunications engineering from the Univ. Politecnica de Madrid.

View upcoming courses taught by Jess Garcia

Jonathan Ham - SANS Certified Instructor

Jonathan is an independent consultant who specializes in large-scale enterprise security issues, from policy and procedure, through staffing and training, to scalable prevention, detection, and response technology and techniques. With a keen understanding of ROI and TCO (and an emphasis on process over products), he has helped his clients achieve greater success for over 12 years, advising in both the public and private sectors, from small upstarts to the Fortune 500. He's been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than 2000 feet underground, and chartered and trained the CIRT for one of the largest U.S. civilian Federal agencies. He currently holds the CISSP, GSEC, GCIA, and GCIH certifications, and is a member of the GIAC Advisory Board. A former combat medic, Jonathan still spends some of his time practicing a different kind of emergency response, volunteering and teaching for both the National Ski Patrol and the American Red Cross.

View upcoming courses taught by Jonathan Ham

Paul A. Henry - SANS Instructor

Paul is one of the world's foremost global information security and computer forensic experts, with more than 20 years' experience managing security initiatives for Global 2000 enterprises and government organizations worldwide. He is currently the lead forensic investigator and president of Forensics & Recovery LLC and is keeping a finger on the pulse of network security as the security and forensic analyst at Lumension Security. Mr. Henry also serves as the board vice president of the Florida Association of Computer Crime Investigators (FACCI) and is the USA board vice president of the International Information Systems Forensics Association (IISFA). Throughout his career, Paul has played a key strategic role in launching new network security initiatives to meet our ever-changing threat landscape. Henry also advises and consults on some of the world’s most challenging and high-risk information security projects, including the National Banking System in Saudi Arabia, the Reserve Bank of Australia, the Department of Defense's Satellite Data Project, and both government as well as telecommunications projects through out Southeast Asia. Mr. Henry is frequently cited by major and trade print publications as an expert in computer forensics, technical security topics, and general security trends and serves as an expert commentator for network broadcast outlets, such as FOX, NBC, CNN, and CNBC. Paul serves as a featured and keynote speaker at seminars and conferences worldwide. In addition, he regularly authors thought leadership articles on technical security issues, and his expertise and insight help shape the editorial direction of key security publications, such as the Information Security Management Handbook, where he is a consistent contributor.

View upcoming courses taught by Paul A. Henry

Jim Herbeck - SANS Certified Instructor

Jim is a managing partner and principal consultant at NOUVEL Strategies, an information risk and security management company based in Geneva, Switzerland. He has spent over 20 years working with information systems in commercial, government, academic, and research environments, both in the US and Europe. He received a computer science degree from the University of Iowa and has been an adjunct professor for the Computer Science Department at the University of New Mexico. Jim holds the CISSP and GCUX certifications.

View upcoming courses taught by Jim Herbeck

Bob Hillery - SANS Certified Instructor

Bob Hillery is a co-founder and Senior Security Analyst with InGuardians, LLC, of Washington, DC. He brings a global perspective to consultancy through Information Systems Security Management and computer network security incident handling experience in the U.S. Navy, private sector, and R&D. Bob has published a number of papers regarding threat assessment, business systems security management, including a National Institute of Justice project evaluating cyber attack and forensics tools requirements while a Senior Researcher for the Institute for Security Technology Studies at Dartmouth College. He is on the Advisory Boards of the SANS Institute, a variety of academic groups, and small businesses providing technical insights for Information Security degree programs and for corporate and legal digital forensics requirements. He also served as the Vice President of Academic Affairs & Chair of Information Systems Department for NH Community Technical College. He is a certified instructor for the SANS Institute and guest lecturer at such places as the University of New Haven.s National Security Master.s Program and Franklin Pierce Law Center. Bob has Masters degrees in both Strategic Studies and International Relations. His professional certifications include CISSP, SANS GIAC certifications, MCSE and the NSA IAM & IEM.

View upcoming courses taught by Bob Hillery

David Hoelzer - SANS Faculty Fellow

With more than twenty years of experience, David has served in positions ranging from the highly technical to senior management for a variety of organizations. For the last ten years, David has been the director of research for Cyber-Defense and the principal examiner for Enclave Forensics. In addition to day-to-day responsibilities, he has acted as an expert witness for the Federal Trade Commission and continues to teach at major SANS events, teaching security professionals from organizations including NSA, USDA Forest Service, Fortune 500 security engineers and managers, DHHS, various DoD sites, national laboratories, and many colleges and universities. From time to time David also speaks nationally and internationally on various security topics.

View upcoming courses taught by David Hoelzer

Mark Hofman - SANS Certified Instructor

Mark Hofman is a director and founder of Shearwater Solutions and has over 15 years’ experience in ICT Security. He has worked for both private industry and government and has provided a wide range of information security consulting services to numerous organizations, including the financial sector, private sector, and government organizations. Mark has had a number of publications, has trained and lectured internationally, and is a handler for the Internet Storm Center. Mark holds professional certifications, including CISSP, GIAC GCFW, CompTIA Security+ and BSI lead auditor accreditations.

View upcoming courses taught by Mark Hofman

Kevin Johnson - SANS Certified Instructor

Kevin Johnson is a senior security analyst with InGuardians, LLC. Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin founded and leads the development on the Basic Analysis and Security Engine (BASE) project, the most popular Web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both SEC504: Hacker Techniques, Exploits, and Incident Handling and SEC542: Web App Penetration Testing and Ethical Hacking. He has presented to many organizations, including Infragard, ISACA, ISSA, and the University of Florida.

View upcoming courses taught by Kevin Johnson

Fred Kerby - SANS Senior Instructor

Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred’s presentations reflect his opinions and are not the opinions of the Department of the Navy.

View upcoming courses taught by Fred Kerby

Rob Lee - SANS Faculty Fellow

Rob Lee is a director for MANDIANT (www.mandiant.com), a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute (forensics.sans.org). Rob has more than 13 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob also coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Finally, Rob was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast 2009 Awards.

View upcoming courses taught by Rob Lee

Matthew Luallen - SANS Certified Instructor

Matthew E. Luallen is a well-respected information professional, researcher, instructor and author. Mr. Luallen serves as the President and Principal Consultant of Sph3r3, LLC., a strategic and practical educational and consulting company. With Sph3r3 Mr. Luallen consults with both governmental and commercial sectors including a multi-client base of corporations, public utilities, financial institutions, law enforcement and healthcare organizations. He has provided assistance and architectural support for many information security projects including integrating compliance requirements associated with SOX, HIPAA and the NERC CIP standard. Recent endeavors include architecting and integrating protective controls for financial market transactions, virtualized environments and SCADA systems. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security Mr. Luallen is an instructor and faculty at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.

View upcoming courses taught by Matthew Luallen

Randy Marchany - SANS Certified Instructor

Randy is the Director of VA Tech's IT Security Laboratory and the University's Assistant IT Security Officer. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. He was a member of the White House Partnership for Critical Infrastructure Security working group that developed a Consensus Roadmap for responding to the DDOS attacks of 2000.

View upcoming courses taught by Randy Marchany

Seth Misenar - SANS Certified Instructor

Seth Misenar is a certified SANS instructor and also serves as lead consultant and founder of Jackson, Mississippi-based Context Security, which provides information security though leadership, independent research, and security training. Seth's background includes network and Web application penetration testing, vulnerability assessment, regulatory compliance efforts, security architecture design, and general security consulting. He has previously served as both physical and network security consultant for Fortune 100 companies as well as the HIPAA and information security officer for a state government agency. Prior to becoming a security geek, Seth received a BS in philosophy from Millsaps College, where he was twice selected for a Ford Teaching Fellowship. Also, Seth is no stranger to certifications and thus far has achieved credentials which include, but are not limited to, the following: CISSP, GPEN, GWAPT, GSEC, GCIA, GCIH, GCWN, GCFA, and MCSE. Beyond his security consulting practice, Seth is a regular instructor for SANS. He teaches numerous SANS classes, including SEC401: SANS Security Essentials Bootcamp Style, SEC504: Hacker Techniques, Exploits, and Incident Handling, and SEC542: Web App Penetration Testing and Ethical Hacking. Seth also serves as both virtual mentor and technical director for SANS OnDemand, the online course delivery arm of the SANS Institute.

View upcoming courses taught by Seth Misenar

Michael Murr - SANS Certified Instructor

Michael has been a forensic analyst with Code-X Technologies for over five years, has conducted numerous investigations and computer forensic examinations, and has performed specialized research and development. Michael has taught SANS Security 504 (Hacker Techniques, Exploits, and Incident Handling), SANS Security 508 (Computer Forensics, Investigation, and Response), and SANS Security 601 (Reverse-Engineering Malware); has led SANS@Home courses; and is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM certifications and has a degree in computer science from California State University at Channel Islands.

View upcoming courses taught by Michael Murr

Stephen Northcutt - SANS Faculty Fellow

Stephen Northcutt founded the GIAC certification and currently serves as president of the SANS Technology Institute, a postgraduate level IT security college (www.sans.edu). Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.

View upcoming courses taught by Stephen Northcutt

Judy Novak - SANS Senior Instructor

Judy currently works at OPS Consulting as a senior engineer. She served as a principal research engineer on the Vulnerability Research Team for Sourcefire supporting Snort rules development, testing, research of IP and TCP reassembly, and performing competitive analysis. Judy has over 10 years of experience in security tool development and analysis of network traffic and has worked on a computer incident and response team. She is the author of three days of material for SEC503: Intrusion Detection In-Depth and SEC567: Power Packet Crafting with Scapy. She is the co-author of Network Intrusion Detection - An Analysts Handbook (3rd Edition) and a SANS senior instructor.

View upcoming courses taught by Judy Novak

Becky Pinkard - SANS Certified Instructor

Becky Pinkard has had the pleasure of working in information technology since 1996 and has been in her current role with Barclays since June 2008. Becky was recruited by Barclays to develop the global monitoring program with the goal of supplying real-time alerting of critical security and data leakage events to the bank's remediation program, and in turn, providing risk information for the threat and vulnerability management lifecycle decision-making process.

She is a SANS Institute certified instructor and began teaching for SANS in 2001. Becky has served as a GIAC Certified Intrusion Analyst advisory board member and on the Strategic Advisory Council for the Center for Internet Security.

Becky is also a co-author of the Syngress books Nmap in the Enterprise and Intrusion Prevention and Active Response, Deploying Network and Host IPS. Becky has managed global intrusion detection and data leakage monitoring deployments, designed risk assessment and firewall strategies, performed security audits and assessments, worked forensics cases, and developed security awareness training in small and large environments.

View upcoming courses taught by Becky Pinkard

Hal Pomeranz - SANS Faculty Fellow

Hal is founder and CEO of Deer Run Associates, a systems management and security consulting firm. He has spent more than fifteen years managing systems and networks for some of the largest commercial, government, and academic organizations in the country. He is the Technical Editor for SysAdmin Magazine and was the recipient of the 2001 SAGE Outstanding Achievement award for his teaching and leadership in the field of System Administration. Hal participated in the first SANS conference and designed the SANS Step-by-Step course model. He is a top-rated instructor and author on topics ranging from information security to system and network management to Perl programming.

View upcoming courses taught by Hal Pomeranz

Mike Poor - SANS Senior Instructor

Mike is a founder and senior security analyst for the DC firm InGuardians LLC. In his recent past life he has worked for Sourcefire as a research engineer and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus, however, is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and Web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress and is a handler for the Internet Storm Center.

View upcoming courses taught by Mike Poor

Megan Restuccia - SANS Certified Instructor

Megan is currently a certified instructor with the SANS Institute as well as a vice president at Morgan Stanley. She has over 14 years' experience in information technology with an extensive background in networking in Unix/Linux and Windows environments for both small and large implementations. Megan currently holds professional certifications, including RHCE, CCWD, CISSP, GSEC, and GIAC GREM, and a certificate in GGSC. She also holds a BS in computer science and an MBA from Columbia University. Megan's most recent focuses were on DLP, security regulations, secure applications design and training, secure infrastructure design, and desktop encryption.

View upcoming courses taught by Megan Restuccia

David Rice - SANS Senior Instructor

David Rice is an internationally recognized cyber security expert, consulting director for policy reform at the U.S. Cyber Consequences Unit, and author of the critically acclaimed book Geekonomics: The Real Cost of Insecure Software. Mr. Rice is a key figure shaping the discussion of cyber security, and his work impacts both U.S. and European cyber security policy. As director of The Monterey Group, a private consulting firm, Mr. Rice advises a variety of clients on a range of issues, including cyber strategy development and execution, corporate cyber risk management, cyber security metrics, identity management, and secure software development practices.

View upcoming courses taught by David Rice

Ron Ritchey, Ph.D. - SANS Certified Instructor

Mr. Ritchey is an authority in the areas of secure network design and network intrusion and regularly leads penetration testing efforts for Booz Allen Hamilton where he has had the opportunity to learn first-hand the real-world impact of network vulnerabilities. He is also an active researcher in the field with peer-reviewed publications in the area of automated network security analysis and is one of the co-authors of the recently released Inside Network Perimeter Security book published by New Riders in association with the SANS Institute. Mr. Ritchey has authored courses on computer security that have been taught across the country and periodically teaches masters level courses on computer security. Mr. Ritchey holds a masters degree in computer science from George Mason University and is currently pursuing his Ph.D. in Information Technology at their School of Information Technology and Engineering. His doctoral research involves automating network security analysis.

View upcoming courses taught by Ron Ritchey, Ph.D.

Marcus Sachs - SANS Senior Instructor

Marcus Sachs serves as Executive Director of Government Affairs for National Security Policy at Verizon in Washington, D.C. Prior to joining Verizon in August 2007, he was the deputy director of SRI International's Computer Science Laboratory. Marcus has served as the director of the SANS Internet Storm Center since 2003, and is an internationally recognized computer security expert. He brings over 26 years of professional experience to SANS including 20 years of active military service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee to the National Security Council staff in the George W. Bush administration. Marcus was the first cyber security official assigned to the Department of Homeland Security in 2003 where he developed the initial concept and strategy for the creation of the United States Computer Emergency Response Team. He was also a founding member of the Defense Department's Joint Task Force for Computer Network Defense, created in 1998 as the first US military organization designed to fight foreign threats in cyberspace. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree. He is currently pursuing a Ph.D. in Public Policy with a concentration in Science and Technology. Marcus is a licensed Professional Engineer in the Commonwealth of Virginia.

View upcoming courses taught by Marcus Sachs

Richard Salgado - SANS Senior Instructor

Richard P. Salgado serves as Google's senior counsel for worldwide law enforcement and information security matters. Previously Mr. Salgado was with Yahoo! Inc., where he focused on international privacy, security, and law enforcement compliance issues as a senior legal director. Mr. Salgado also served as senior counsel in the Computer Crime and Intellectual Property Section of the United States Department of Justice. As a federal prosecutor, Mr. Salgado specialized in investigating and prosecuting computer network cases, such as computer hacking, illegal computer wiretaps, denial of service attacks, malicious code, and other technology-driven privacy crimes. Mr. Salgado regularly speaks on the legal and policy implications of searching and seizing computers and electronic evidence, emerging surveillance technologies, digital evidence, and related criminal conduct. Mr. Salgado is a lecturer in law at Stanford Law School, where he teaches a computer crime seminar and an Internet business law and policy class; he previously served as an adjunct law professor at Georgetown University Law Center and George Mason Law School and as a faculty member of the National Judicial College. Mr. Salgado graduated magna cum laude from the University of New Mexico and in 1989 received his JD from Yale Law School.

View upcoming courses taught by Richard Salgado

Eugene Schultz - SANS Certified Instructor

Dr. Eugene Schultz, CISM, CISSP, is the Chief Technology Officer at Emagined Security, an information security consultancy based in San Carlos, California. He is the author/co-author of five books, one on Unix security, another on Internet security, a third on Windows NT/2000 security, a fourth on incident response, and the latest on intrusion detection and prevention. He has also written over 120 published papers. Gene was the Editor-in-Chief of _Computers and Security_ from 2002 - 2007, is currently on the editorial board for this journal, and is an associate editor of _Network Security_. He is also a member of the editorial board for the SANS NewsBites, a weekly information security-related news update, co-author of the 2005 and 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies. Gene has previously managed an information security practice as well as a national incident response team. He has also been professor of computer science at several universities and is retired from the University of California at Berkeley. He has received the NASA Technical Excellence Award, the Department of Energy Excellence Award, the Information Systems Security Association (ISSA) Professional Achievement and Honor Roll Awards, the ISACA John Kuyers Best Speaker/Best Conference Contributor Award, the Vanguard Conference Top Gun Award (for best presenter) twice, the Vanguard Chairman's Award, and the National Information Systems Security Conference Best Paper Award. Additionally, Gene has been elected to the ISSA Hall of Fame. While at Lawrence Livermore National Laboratory he founded and managed of the U.S. Department of Energy's Computer Incident Advisory Capability (CIAC). He is also a co-founder of FIRST, the Forum of Incident Response and Security Teams. He is currently a member of the accreditation board of the Institute of Information Security Professionals (IISP). Dr. Schultz has provided expert testimony before committees within the U.S. Senate and House of Representatives on various security-related issues, and has served as an expert witness in legal cases.

View upcoming courses taught by Eugene Schultz

Dave Shackleford - SANS Certified Instructor

Dave Shackleford is the director of risk and compliance and acting director of security assessments at Sword and Shield Enterprise Security. He is also an instructor and course author for the SANS Institute, where he serves as a GIAC technical director. Previously, Dave worked as the chief security officer at Configuresoft and the chief technology officer for both the Center for Internet Security and a security consulting firm in Atlanta. He has managed information security for a major airline and has also worked as a security architect, analyst, and manager for several Fortune 500 companies. In addition, he has consulted with hundreds of organizations in the areas of regulatory compliance, security and network architecture, and engineering. Dave is the co-author of Hands-On Information Security from Course Technology as well as the "Managing Incident Response" chapter in the Course Technology book Readings and Cases in the Management of Information Security. Recently, Dave co-authored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the Technology Association of Georgia's Information Security Society and the SANS Technology Institute.

View upcoming courses taught by Dave Shackleford

Glen Sharlun - SANS Certified Instructor

Glen started his career in the literal trenches as a leader of Marines and has since transitioned that ethos to the 'trenches' of enterprise network and security operations. Having experience building a policy, consulting and audit practice, leading the global monitoring, response and forensic team, establishing an active audit (Red Team) capability, Glen finished this career as Commanding Officer (CISO), Network Defense, U.S. Marine Corps. Glen is currently the Vice President of Customer Success at ArcSight, focused on delivering the best-practices in people, process and technologies of ArcSight's network management and security operations solutions, to its customers. Glen is a graduate of the U.S. Naval Academy and the Naval Postgraduate School (MS, Information Systems Management) and has attained & instructed numerous certifications from ISC2, SANS and the National Security Agency.

View upcoming courses taught by Glen Sharlun

James Shewmaker - SANS Certified Instructor

James has over 15 years' experience in IT. He is a SANS certified instructor and is one of the first certified GSE-Malware experts. He graduated with a BS in computer science from the University of Idaho. James is a founder and active consultant for Bluenotch Corporation, which focuses on investigations, penetration testing, and analysis. He develops applications and appliances for broadcast radio, Internet, and satellite devices. James also contributes to the FreeBSD project and is a port maintainer. He presents at various security and IT conferences, is a courseware contributor, and is actively involved in the COINS program.

View upcoming courses taught by James Shewmaker

Raul Siles - SANS Certified Instructor

Raul Siles is a senior independent security consultant performing security solutions and services in various European industries. Raul's expertise includes security architecture design; penetration tests; incident handling; forensic analysis; network, system and application security assessments and hardening; intrusion detection; and information security management. He has previously worked as a security consultant with Hewlett-Packard. Raul is one of the few individuals who have earned the GIAC Security Expert (GSE) designation and also holds other SANS/GIAC certifications. Raul is a SANS Institute author and instructor for multiple courses. He is a frequent security speaker, has authored a TCP/IP security book, and contributes to security articles, reviews, and research projects. As a member of the Spanish Honeynet Project, he loves security challenges. Raul holds a master's degree in computer science from UPM (Spain) and a postgraduate in security and e-commerce.
More information at http://www.raulsiles.com.

View upcoming courses taught by Raul Siles

Stephen Sims - SANS Certified Instructor

Stephen Sims is an information security consultant currently working for Wells Fargo in San Francisco, California. He has spent the past eight years in San Francisco working for several large financial institutions on network and systems security, penetration testing, exploitation development, risk assessment and management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a network security engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who hold the GIAC Security Expert (GSE) Certification and also helps to author and maintain the current version of the exam. He is a SANS certified instructor and the course author of SANS’ first and only 700-level course, SEC709: Developing Exploits for Penetration Testers and Security Researchers. Stephen also holds the CISSP, CISA, and Network Offense Professional (NOP) certification, amongst others.

View upcoming courses taught by Stephen Sims

Ed Skoudis - SANS Faculty Fellow

Ed Skoudis is a founder and senior security consultant with InGuardians. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in financial, high technology, healthcare, and other industries.

Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published numerous articles on these topics as well as the Prentice Hall best sellers Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004-2009 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Previous to InGuardians, Ed served as a security consultant with International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore).

View upcoming courses taught by Ed Skoudis

Lance Spitzner - SANS Certified Instructor

Mr. Lance Spitzner is founder and president of HoneyTech, an international security consultancy specializing in securing the human. Founded in 2003, HoneyTech has offices in both the United States and the United Arab Emirates. He is internationally recognized as a leader in the field of cyber threat research, training, and awareness. He invented and developed the concept of honeynets, is the author of the book Honeypots: Tracking Hackers, and is co-author of Know Your Enemy: 2nd Edition. He has published over thirty security whitepapers and articles, including several publications in the Know Your Enemy series. Mr. Spitzner worked for Sun Microsystems for four years as a senior security architect, helping secure Sun's customers around the world. He is founder of the Honeynet Project, an international, non-profit security research organization that captures, analyzes, and shares information on cyber threats at no cost to the public.

He has spoken to numerous organizations, including the NSA, FIRST, the Pentagon, the FBI Academy, the President's Telecommunications Advisory Committee, MS-ISAC, the Navy War College, the British CESG, the Department of Justice, and Monetary Authority of Singapore. He has consulted around the world, working and presenting in over 20 countries on 6 different continents, including Germany, Brazil, UAE, Oman, Singapore, Japan, India, Philippines, Norway, Australia, Poland, Mexico, and the United Kingdom. His work has been documented in the media such as CNN, BBC, NPR, and Wall Street Journal. Mr. Spitzner serves on the Distinguished Review Board for the Air Force Institute of Technology, Technical Review Board for CCIED, and Information Assurance Curriculum Advisory Board at DePaul University and was one of the original faculty members of the SANS Institute. Mr. Spitzner has an MBA from the University of Illinois-Chicago.

View upcoming courses taught by Lance Spitzner

William Stearns - SANS Certified Instructor

Bill is a Senior Research Engineer at Dartmouth's Institute for Security Technology Studies, working on Honeypot development and other network security projects. He is a content author and faculty member at the SANS Institute. His background is in network and operating system security; he was the chief architect of a commercial firewall and is an active contributor to the Linux development effort. His spare time is spent coordinating and maintaining an antispam blacklist. Bill's articles and tools can be found in SysAdmin magazine, online journals, and at http://www.stearns.org.

View upcoming courses taught by William Stearns

John Strand - SANS Certified Instructor

John Strand currently is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at vimeo.com/album/26207. He started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. John then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a master's degree from Denver University and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

View upcoming courses taught by John Strand

James Tarala - SANS Senior Instructor

James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.

View upcoming courses taught by James Tarala

Arrigo Triulzi - SANS Certified Instructor

Arrigo Triulzi, trained in Pure Mathematics, holds an MSc in Mathematical Computation from Queen Mary, University of London, and is working towards a PhD in Algebraic Computation. He is co-founder and Chief Security Officer of K2 Defender Limited, a bespoke high-end IDS solutions provider. Arrigo is also a free-lance consultant in IT Security with particular expertise in secure network design, network security analysis, and incident handling. He is also the administrator of the IDS Europe mailing list. Having worked with both popular and less common flavours of Unix he is comfortable working in any heterogeneous networking environment and his knowledge also includes esoteric operating systems such as Guardian/NSK. Arrigo is co-inventor in an EU patent for a high-performance distributed IDS design, and has written on a variety of security topics. Recent work includes web research into IDS deployment on IPv6, firewall verification using IDS, and distributed concept virii.

View upcoming courses taught by Arrigo Triulzi

Johannes Ullrich, PhD - SANS Certified Instructor

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida.

View upcoming courses taught by Johannes Ullrich, PhD

Benjamin Wright - SANS Senior Instructor

Benjamin Wright is the author of several technology law books, including Business Law and Computer Security, published by the SANS Institute. With 24 years in private law practice, he has advised many organizations, large and small, on privacy, e-commerce, computer security and e-mail discovery and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. He wrote and presented to the Sri Lankan government a report on technology law, which contributed to the adoption of national e-commerce legislation in 2005. Wright maintains a popular popular blog at http://legal-beagle.typepad.com.

View upcoming courses taught by Benjamin Wright

Joshua Wright - SANS Senior Instructor

Joshua Wright is a Senior Security Analyst with InGuardians, LLC and a Senior Instructor with the SANS Institute. A widely recognized expert in the wireless security field, Josh has worked with private and government organizations to evaluate the threat surrounding wireless technology. As an open-source enthusiast, Josh has developed a variety of tools that can be leveraged for penetration testing and security analysis. Prior to joining InGuardians, Josh was the Senior Security Researcher for Aruba Networks, leading a team committed to significantly improving the security of modern networks. In his spare time, Josh looks for any opportunity to void the warranty on wireless electronics.

View upcoming courses taught by Joshua Wright

Lenny Zeltser - SAVVIS

Lenny Zeltser leads the security consulting practice at Savvis. He is also a board of directors member at SANS Technology Institute, a SANS faculty member, and an incident handler at the Internet Storm Center. Lenny frequently speaks on information security and related business topics at conferences and private events, writes articles, and has co-authored several books.

Lenny is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. He also holds the CISSP certification. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania. For more information about his projects, see http://www.zeltser.com.

View upcoming courses taught by Lenny Zeltser

† Disclaimer: SANS will make every effort to ensure that the instructor scheduled to teach and advertised for an event will be the instructor at the event. However, through the years, we have run into cases of illness, death in the family and failures of the transportation system that are beyond anyone's control. When we cannot supply the advertised instructor, we go through a best effort process to supply an alternate based on geography (proximity to the event) and seniority of the instructor. In rare cases of emergency, we reserve the right to supply a SANS certified instructor or higher competent in that field of study to present the course materials. Please keep in mind that all certified instructors go through a lengthy and rigorous preparation process and in some cases have even greater domain experience than the advertised instructor. We thank you for understanding.