- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive!
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top Security Risks
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
San Diego, CA - May 11 - 16, 2006
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Best IT Security return on Investment.
-Mario Chiock, Schlumberger
Faculty for SANS Security 2006
Tanya Baccam
Tanya is a SANS senior instructor as well as a SANS courseware author. She provides many security consulting services for clients, such as system audits, vulnerability and risk assessments, database audits, and Web application audits. Tanya has previously worked as the director of assurance services for a security services consulting firm and the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Throughout her career she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, and Oracle DBA certifications.- Tanya will be teaching:
- MGT 414.1 Overview and Domain 1: Access Control Systems & Methodology
- MGT 414.2 Domain 2: Telecommunications, Network & Domain 3: Internet Security and Security Management Practices
- MGT 414.3 Domain 4: Applications and Systems Development & Domain 5: Cryptography
- MGT 414.4 Domain 6: Security Architecture & Models and Domain 7: Operations Security
- MGT 414.5 Domain 8: Business Continuity Planning and Domain 9: Law, Investigations & Ethics
- MGT 414.6 Domain 10: Physical Security
Chris Brenton
Chris Brenton is a private consultant with over ten years of experience in the field. He is one of the founding members of the initial Honeynet Project and one of the original Internet Storm Center handlers, and he started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Protection In-Depth course. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.- Chris will be teaching:
- SEC 502.1 TCP/IP for Firewalls
- SEC 502.2 Packet Filters
- SEC 502.3 Firewalls
- SEC 502.4 Defense In-Depth
- SEC 502.5 Forensics, VPNs and Wireless
- SEC 502.6 Network Design and Assessment
Jason Fossen
Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the Windows day of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He graduated from the University of Virginia, received his master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas. Jason blogs about Windows Security Issues on the SANS Windows Security Blog.
- Jason will be teaching:
- SEC 505.1 Windows Active Directory and DNS
- SEC 505.2 Windows Group Policy
- SEC 505.3 Windows PKI, Smart Cards & EFS
- SEC 505.4 Windows IPSec, VPNs and Wireless Security
- SEC 505.5 Securing Internet Information Server
- SEC 505.6 Windows Scripting for Security
- SEC 520 Microsoft ISA Server
David Hoelzer
With more than twenty years of experience, David has served in positions ranging from the highly technical to senior management for a variety of organizations. For the last ten years, David has been the director of research for Cyber-Defense and the principal examiner for Enclave Forensics. In addition to day-to-day responsibilities, he has acted as an expert witness for the Federal Trade Commission and continues to teach at major SANS events, teaching security professionals from organizations including NSA, USDA Forest Service, Fortune 500 security engineers and managers, DHHS, various DoD sites, national laboratories, and many colleges and universities. From time to time David also speaks nationally and internationally on various security topics. David also blogs about IT Audit issues at the SANS It Audit blog.
- David will be teaching:
- AUD 507.1 Auditing Principles and Concepts
- AUD 507.2 Auditing the Perimeter
- AUD 507.3 Network Auditing Essentials
- AUD 507.4 Auditing Web-Based Applications
- AUD 507.5 Advanced Systems Audit Windows NT/2000
- AUD 507.6 Advanced Systems Audit: Unix
Fred Kerby
Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred's presentations reflect his opinions and are not the opinions of the Department of the Navy.- Fred will be teaching:
- SEC 309.1 A Framework for Information Security
- SEC 309.2 Securing the Infrastructure
- SEC 309.3 Cryptography and Security in the Enterprise
- SEC 309.4 Information Security Policy
- SEC 309.5 Defense In-Depth: Lessons Learned
- SEC 309.6 Disaster Recovery and Business Continuity Workshop
Rob Lee
Rob Lee is a Director for MANDIANT, a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute. Rob has more than 14 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. He was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast Awards. He blogs about computer forensic and incident response topics at the SANS Computer Forensic Blog. Rob also co-authored the MANDIANT threat intelligence report - M-Trends: The Advanced Persistent Threat.
- Rob will be teaching:
- SEC 508.1 Forensic and Investigative Essentials
- SEC 508.2 Forensic Methodology Illustrated Using Linux Part I
- SEC 508.3 Forensic Methodology Illustrated Using Linux Part II
- SEC 508.4 Windows and NTFS Filesystem Forensics
- SEC 508.5 Computer Investigative Law for Forensic Analysts
- SEC 508.6 Advanced Forensics and the Forensic Challenge
Matthew Luallen
Matthew E. Luallen is a well-respected information professional, researcher, instructor and author. Mr. Luallen serves as the President and Principal Consultant of Sph3r3, LLC., a strategic and practical educational and consulting company. With Sph3r3 Mr. Luallen consults with both governmental and commercial sectors including a multi-client base of corporations, public utilities, financial institutions, law enforcement and healthcare organizations. He has provided assistance and architectural support for many information security projects including integrating compliance requirements associated with SOX, HIPAA and the NERC CIP standard. Recent endeavors include architecting and integrating protective controls for financial market transactions, virtualized environments and SCADA systems. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security Mr. Luallen is an instructor and faculty at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.- Matthew will be teaching:
- SEC 617.1 Wireless Architecture, RF Fundamentals
- SEC 617.2 Auditing Wireless Networks - Hands-on
- SEC 617.3 WLAN Hacker Tools and Techniques Part I - Hands-on
- SEC 617.4 WLAN Hacker Tools and Techniques Part II - Hands-on
- SEC 617.5 WLAN Hacker Tools and Techniques Part III - Hands-on
- SEC 617.6 Designing a Secure Wireless Infrastructure - Hands-on
Sean Mitchell
Sean Mitchell is the Information Security Manager at Children's Hospital and Health Center. Previous IT positions he has held include Operations Manager, Network Administrator, and Project Manager. Sean currently holds the GSNA, GCIH, GSEC, GGSC, CISSP, CISA, CISM, PMP, ABCP, IAM, and IEM certifications. Sean has a Master of Science in Business Administration with a concentration in Information and Decision Systems from San Diego State University and a Bachelor of Arts in Economics from the University of California, San Diego.- Sean will be teaching:
- MGT 524 Security Policy & Awareness
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as president of the SANS Technology Institute, a postgraduate level IT security college (www.sans.edu). Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.
Since 2007 Stephen has conducted over 34 in-depth interviews with leaders in the security industry, from CEOs of security product companies to the most well-known practitioners in order to research the competencies required to be a successful leader in the security field. He maintains the SANS Leadership Laboratory, where research on these competencies is posted as well as SANS Security Musings. He is the lead author for Execubytes, a monthly newsletter that covers both technical and pragmatic information for security managers. He leads the Management 512 Alumni forum, where hundreds of security managers post questions. He is the lead author/instructor for Management 512: SANS Security Leadership Essentials for Managers, a prep course for the GSLC certification that meets all levels of requirements for DoD Security Managers per DoD 8570, and he also is the lead author/instructor for Management 421: SANS Leadership and Management Competencies. Stephen also blogs at the SANS Security Leadership blog.
- Stephen will be teaching:
- MGT 512.1 SANS Security Leadership Essentials I: Managing the Plant, Network, and Information Architecture
- MGT 512.2 SANS Security Leadership Essentials II: Defense In-Depth
- MGT 512.3 SANS Security Leadership Essentials III: Internet Security Technologies
- MGT 512.4 SANS Security Leadership Essentials IV: Secure Communications
- MGT 512.5 SANS Security Leadership Essentials V: Management Practicum
Mike Poor
Mike is a founder and senior security analyst for the DC firm InGuardians LLC. In his recent past life he has worked for Sourcefire as a research engineer and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus, however, is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and Web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress and is a handler for the Internet Storm Center.- Mike will be teaching:
- SEC 503.1 TCP/IP for Intrusion Detection
- SEC 503.2 Network Traffic Analysis Using TCPdump - Part 1
- SEC 503.3 Network Traffic Analysis Using TCPdump - Part 2
- SEC 503.4 Intrusion Detection Snort Style
- SEC 503.5 Security Information Management and Intrusion Analysis – Part 1
- SEC 503.6 Security Information Management and Intrusion Analysis – Part 2
David Rice
David Rice is an internationally recognized cyber security expert, consulting director for policy reform at the U.S. Cyber Consequences Unit, and author of the critically acclaimed book Geekonomics: The Real Cost of Insecure Software. Mr. Rice is a key figure shaping the discussion of cyber security, and his work impacts both U.S. and European cyber security policy. As director of The Monterey Group, a private consulting firm, Mr. Rice advises a variety of clients on a range of issues, including cyber strategy development and execution, corporate cyber risk management, cyber security metrics, identity management, and secure software development practices.
- David will be teaching:
- DEV 616.1 .NET Framework Architecture
- DEV 616.2 .NET Framework Security
- DEV 616.3 ASP.NET Security
- DEV 616.4 Defensible ASP.NET Architecture
- DEV 616.5 Defensible ASP.NET Applications
- DEV 616.6 Web Services Security
Marcus Sachs
Marcus Sachs serves as Executive Director of Government Affairs for National Security Policy at Verizon in Washington, D.C. Prior to joining Verizon in August 2007, he was the deputy director of SRI International's Computer Science Laboratory. Marcus has served as the director of the SANS Internet Storm Center since 2003, and is an internationally recognized computer security expert. He brings over 26 years of professional experience to SANS including 20 years of active military service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee to the National Security Council staff in the George W. Bush administration. Marcus was the first cyber security official assigned to the Department of Homeland Security in 2003 where he developed the initial concept and strategy for the creation of the United States Computer Emergency Response Team. He was also a founding member of the Defense Department's Joint Task Force for Computer Network Defense, created in 1998 as the first US military organization designed to fight foreign threats in cyberspace. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree. He is currently pursuing a Ph.D. in Public Policy with a concentration in Science and Technology. Marcus is a licensed Professional Engineer in the Commonwealth of Virginia.- Marcus will be teaching:
- SEC 401.1 SANS Security Essentials I: Networking Concepts
- SEC 401.2 SANS Security Essentials II: Defense In-Depth
- SEC 401.3 SANS Security Essentials III: Internet Security Technologies
- SEC 401.4 SANS Security Essentials IV: Secure Communications
- SEC 401.5 SANS Security Essentials V: Windows Security
- SEC 401.6 SANS Security Essentials VI: Unix Security
Ed Skoudis
Ed Skoudis is a founder and senior security consultant with InGuardians. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in financial, high technology, healthcare, and other industries.
Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published numerous articles on these topics as well as the Prentice Hall best sellers Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004-2009 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Previous to InGuardians, Ed served as a security consultant with International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore). Ed also blogs about command line tips.
- Ed will be teaching:
- SEC 504.1 Incident Handling Step-by-Step and Computer Crime Investigation
- SEC 504.2 Computer and Network Hacker Exploits - Part 1
- SEC 504.3 Computer and Network Hacker Exploits - Part 2
- SEC 504.4 Computer and Network Hacker Exploits - Part 3
- SEC 504.5 Computer and Network Hacker Exploits - Part 4
- SEC 504.6 Hacker Tools Workshop
James Tarala
James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.- James will be teaching:
- AUD 411.1 Introduction to ISO/IEC 17799/27001: Policy, ISMS & Awareness
- AUD 411.2 SANS 17799/27001 Controls & Process Improvement I
- AUD 411.3 SANS 17799/27001 Controls & Process Improvement II
- AUD 411.4 SANS 17799/27001 Controls & Process Improvement III
- AUD 411.5 Risk Management, Security Compliance and Audit Controls
- AUD 411.6 ISO-17799 Implementation
- © 2000-2010 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy