- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
San Diego, CA - May 9 - 16, 2008
- Event Location & Info
- Faculty
- Vendor Expo
- General Info
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Valuable information to take back to work with me, as well as hands-on testing examples.
-Carol Jones, Office of Court Administration
Faculty for SANS Security West 2008
Chris Brenton
Chris Brenton is a private consultant with over ten years of experience in the field. He is one of the founding members of the initial Honeynet Project and one of the original Internet Storm Center handlers, and he started up one of the first managed security ISP's. Over the years, he's been credited with the discovery of numerous vulnerabilities in various software products. Along with being a published author, Chris is responsible for maintaining all of the material in the SANS Perimeter Protection In-Depth course. In his spare time, Chris teaches rally and high speed off road security driving where he can be found teaching students to make their side window the front of the car.- Chris will be teaching:
- SEC 502.1 TCP/IP for Firewalls
- SEC 502.2 Firewalls, NIDS, and NIPS
- SEC 502.3 Wire Products and Assessment
- SEC 502.4 Host Level Security
- SEC 502.5 Securing the Wire
- SEC 502.6 Perimeter Wrap Up
Eric Cole, PhD
Dr. Eric Cole is an industry-recognized security expert with over 15 years of hands-on experience. Cole currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Cole has experience in information technology with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Cole has a master's degree in computer science from NYIT and a PhD from Pace University with a concentration in information security. Dr. Cole is the author of several books, including Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is also the CTO of the Americas for McAfee. Cole is actively involved with the SANS Technology Institute (STI) and SANS working with students, teaching, and maintaining and developing courseware. He is a SANS faculty fellow and course author.- Eric will be teaching:
- SEC 401.1 Networking Concepts
- SEC 401.2 Defense In-Depth
- SEC 401.3 Internet Security Technologies
- SEC 401.4 Secure Communications
- SEC 401.5 Windows Security
- SEC 401.6 Linux Security
- SEC 334.1 Networking Concepts
- SEC 334.2 Defense In-Depth
- SEC 334.3 Internet Security Technologies
- SEC 334.4 Secure Communications
Eric Conrad
Certified SANS Instructor Eric Conrad's career began in 1991 as a Unix sysadmin for a small oceanographic communications company. He gained experience in a variety of industries, including research, education, power, Internet, and healthcare, and has worked with companies such as Mitsubishi Electric Research Labs, Boston University, The Open Group, Navipath, and Caritas Christi Health Care. He is now an independent information security consultant focusing on intrusion detection, incident handling, and penetration testing. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, GSEC certifications. He is a contributing author to SANS HIPAA Security Implementation.- Eric will be teaching:
- MGT 414.1 Overview and Access Control Systems & Methodology
- MGT 414.2 Telecommunications, Network & Internet Security and Security Management Practices
- MGT 414.3 Applications & Systems Development and Cryptography
- MGT 414.4 Security Architecture & Models and Operations Security
- MGT 414.5 Business Continuity Planning and Law, Investigations & Ethics
- MGT 414.6 Physical Security
Jason Fossen
Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS Institute's week-long Securing Windows course (SEC505), maintains the Windows day of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He graduated from the University of Virginia, received his master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.- Jason will be teaching:
- SEC 505.1 Windows Active Directory and DNS
- SEC 505.2 Windows Group Policy
- SEC 505.3 Windows PKI, EFS and BitLocker
- SEC 505.4 Windows IPSec, RADIUS, Wireless, and VPNs
- SEC 505.5 Securing Internet Information Server
- SEC 505.6 Windows Scripting for Security
- SEC 505.1 Securing Active Directory and DNS
- SEC 505.2 Security Through Group Policy
- SEC 505.3 Windows PKI, EFS and BitLocker
- SEC 505.4 Windows IPSec, RADIUS, Wireless, and VPNs
- SEC 505.5 Securing Internet Information Server
- SEC 505.6 Windows PowerShell
David Hoelzer
With more than twenty years of experience, David has served in positions ranging from the highly technical to senior management for a variety of organizations. For the last ten years, David has been the director of research for Cyber-Defense and the principal examiner for Enclave Forensics. In addition to day-to-day responsibilities, he has acted as an expert witness for the Federal Trade Commission and continues to teach at major SANS events, teaching security professionals from organizations including NSA, USDA Forest Service, Fortune 500 security engineers and managers, DHHS, various DoD sites, national laboratories, and many colleges and universities. From time to time David also speaks nationally and internationally on various security topics.- David will be teaching:
- AUD 521.1 Meeting the Minimum: PCI/DSS 1.2: Becoming and Staying Compliant
- AUD 521.2 Meeting the Minimum: PCI/DSS 1.2: Becoming and Staying Compliant
Kevin Johnson
Kevin Johnson is a senior security analyst with InGuardians, LLC. Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin founded and leads the development on the Basic Analysis and Security Engine (BASE) project, the most popular Web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both SEC504: Hacker Techniques, Exploits, and Incident Handling and SEC542: Web App Penetration Testing and Ethical Hacking. He has presented to many organizations, including Infragard, ISACA, ISSA, and the University of Florida.- Kevin will be teaching:
- SEC 542.1 Web App Penetration Testing and Ethical Hacking: The Attacker's View of the Web
- SEC 542.2 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 1
- SEC 542.3 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 2
- SEC 542.4 Web App Penetration Testing and Ethical Hacking: The Attack Process Part 3
- SEC 519 Web Application Security Workshop
Fred Kerby
Fred is an engineer, manager, and security practitioner whose experience spans several generations of networking. He is the information assurance manager at the Naval Surface Warfare Center, Dahlgren Division and has vast experience with the political side of security incident handling. His team is one of the recipients of the SANS Security Technology Leadership Award as well as the Government Technology Leadership Award. Fred received the Navy Meritorious Civilian Service Award in recognition of his technical and management leadership in computer and network security. A frequent speaker at SANS, Fred’s presentations reflect his opinions and are not the opinions of the Department of the Navy.- Fred will be teaching:
- SEC 301.1 A Framework for Information Security
- SEC 301.2 Securing the Infrastructure
- SEC 301.3 Cryptography and Security in the Enterprise
- SEC 301.4 Information Security Policy
- SEC 301.5 Defense In-Depth: Lessons Learned
Frank Kim
Frank Kim is a co-founder and principal consultant with Think Security Consulting (http://www.thinksec.com), a San Francisco Bay area based application security consulting firm. Frank is an author and instructor for SANS Security 541: Secure Coding in Java/JEE. He has over ten years of experience developing applications using Java/Java EE and has designed and developed Web applications for large health care, technology, insurance, and consulting companies. Frank currently focuses on integrating security into the software development life cycle by doing penetration testing, security assessments, architecture reviews, code reviews, and training. Frank holds the CISSP, GPEN, GCIH, GCFA, GCIA, and GSSPJava certifications and is a Sun Certified Java Developer and Programmer.- Frank will be teaching:
- DEV 541.1 Data Validation
- DEV 541.2 Authentication & Session Management
- DEV 541.3 Access Control & Java Security APIs
- DEV 541.4 Java Language & JRE Security Topics
Michael Murr
Michael has been a forensic analyst with Code-X Technologies for over five years, has conducted numerous investigations and computer forensic examinations, and has performed specialized research and development. Michael has taught SANS Security 504 (Hacker Techniques, Exploits, and Incident Handling), SANS Security 508 (Computer Forensics, Investigation, and Response), and SANS Security 601 (Reverse-Engineering Malware); has led SANS@Home courses; and is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM certifications and has a degree in computer science from California State University at Channel Islands.- Michael will be teaching:
- SEC 508.1 Forensic and Investigative Essentials
- SEC 508.2 Forensic Methodology Illustrated Part 1
- SEC 508.3 Forensic Methodology Illustrated Part 2
- SEC 508.4 Windows File System Forensics
- SEC 508.5 Computer Investigative Law for Forensic Analysts
- SEC 508.6 Advanced Forensics and the Forensic Challenge
- SEC 553 Up and Running with the Metasploit Framework
- SEC 427 Browser Forensics
John Myers
John Myers has thirty-plus years of Cryptography, Communications Security (COMSEC), Emission Security (TEMPEST), Computer Security (COMPUSEC), electronic data processing (EDP) security, information security (INFOSEC), and enterprise information assurance (IA) experience. Experience ranges from technician level to senior technical and managerial positions. Expertise focused on all areas of security certification and accreditation (C&A). Performed C&As on applications, stand-alone systems, local area networks, wide area networks and legacy systems. Over five years of classroom instruction, instructional systems design, and course development.- John will be teaching:
- SPECIAL Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) Training
Stephen Northcutt
Stephen Northcutt founded the GIAC certification and currently serves as president of the SANS Technology Institute, a postgraduate level IT security college (www.sans.edu). Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security 2nd Edition, IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.- Stephen will be teaching:
- MGT 512.1 Managing the Plant, Network, and Information Architecture
- MGT 512.2 Defense In Depth
- MGT 512.3 Secure Communications
- MGT 512.4 The Value of Information
- MGT 512.5 Management Practicum
Mike Poor
Mike is a founder and senior security analyst for the DC firm InGuardians LLC. In his recent past life he has worked for Sourcefire as a research engineer and for the SANS Institute leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits, and architecture reviews. His primary job focus, however, is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and Web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress and is a handler for the Internet Storm Center.- Mike will be teaching:
- SEC 503.1 TCP/IP for Intrusion Detection
- SEC 503.2 Network Traffic Analysis Using TCPdump - Part 1
- SEC 503.3 Network Traffic Analysis Using TCPdump - Part 2
- SEC 503.4 Intrusion Detection Snort Style
- SEC 503.5 Security Information Management and Traffic Analysis - Part 1
- SEC 503.6 Security Information Management and Traffic Analysis - Part 2
David Rice
David Rice is an internationally recognized cyber security expert, consulting director for policy reform at the U.S. Cyber Consequences Unit, and author of the critically acclaimed book Geekonomics: The Real Cost of Insecure Software. Mr. Rice is a key figure shaping the discussion of cyber security, and his work impacts both U.S. and European cyber security policy. As director of The Monterey Group, a private consulting firm, Mr. Rice advises a variety of clients on a range of issues, including cyber strategy development and execution, corporate cyber risk management, cyber security metrics, identity management, and secure software development practices.
- David will be teaching:
- SEC 617.1 Wireless Architecture, RF Fundamentals
- SEC 617.2 Auditing Wireless Networks - Hands-on
- SEC 617.3 WLAN Hacker Tools and Techniques Part 1
- SEC 617.4 WLAN Hacker Tools and Techniques Part 2
- SEC 617.5 WLAN Hacker Tools and Techniques Part 3 - Hands-on
- SEC 617.6 Designing a Secure Wireless Infrastructure - Hands-on
James Shewmaker
James has over 15 years' experience in IT. He is a SANS certified instructor and is one of the first certified GSE-Malware experts. He graduated with a BS in computer science from the University of Idaho. James is a founder and active consultant for Bluenotch Corporation, which focuses on investigations, penetration testing, and analysis. He develops applications and appliances for broadcast radio, Internet, and satellite devices. James also contributes to the FreeBSD project and is a port maintainer. He presents at various security and IT conferences, is a courseware contributor, and is actively involved in the COINS program.- James will be teaching:
- SEC 504.1 Incident Handling Step-by-Step and Computer Crime Investigation
- SEC 504.2 Computer and Network Hacker Exploits - Part 1
- SEC 504.3 Computer and Network Hacker Exploits - Part 2
- SEC 504.4 Computer and Network Hacker Exploits - Part 3
- SEC 504.5 Computer and Network Hacker Exploits - Part 4
- SEC 504.6 Hacker Tools Workshop
- SEC 537 Identifying and Removing Malware
John Strand
John Strand currently is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at vimeo.com/album/26207. He started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. John then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a master's degree from Denver University and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.- John will be teaching:
- SEC 560.1 Network Penetration Testing: Planning, Scoping, and Recon
- SEC 560.2 Network Penetration Testing: Scanning
- SEC 560.3 Network Penetration Testing: Exploitation
- SEC 560.4 Network Penetration Testing: Password Attacks
- SEC 560.5 Network Penetration Testing: Wireless and Web Apps
- SEC 560.6 Penetration Testing Workshop & Capture the Flag Event
James Tarala
James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy