the most trusted source for computer security training, certification and research
select a course
Toronto, ON - May 10 - 16, 2008
Global Information Assurance Certification

Intense, fast paced. Modern day Sherlock Holmes!
-Cody Drake, Allstate Ins. Co.

Faculty for SANS Toronto 2008

Tanya Baccam
Tanya is a SANS senior instructor, as well as a SANS courseware author. She provides many security consulting services for clients such as system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the Director of Assurance Services for a security services consulting firm, as well as being the Manager of Infrastructure Security for a healthcare organization. She also served as a Manager at Deloitte & Touche in the Security Services practice. Throughout her career, she's consulted with many clients about their security architecture, including areas such as perimeter security, network infrastructure design, system audits, web server security, and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.
top^
Nishchal Bhalla
Nishchal Bhalla, the Founder of Security Compass, is a specialist in product, code, web application, host and network reviews. Nish has coauthored and contributed to a number of books including "Buffer Overflow Attacks: Detect, Exploit & Prevent" and "Hacking Exposed: Web Applications, 2nd Edition". Nish is the Toronto Chapter chair of the Open Web Application Security Project (OWASP). He has written articles and is often quoted by the media as an information security expert. Nish is a frequent speaker on emerging security issues at a variety of conferences, including Blackhat Europe in Amsterdam, Reverse Engineering Conference in Montreal, and HackInTheBox in Malaysia. He has extensive experience in creating and teaching classes in information security. Nish holds his Masters in Parallel Processing from Sheffield University, is a postgraduate in Finance from Strathclyde University, and a Bachelor in Commerce from Bangalore University.
top^
Guy Bruneau
Guy is a Senior Security Consultant with IPSS Inc. in Ottawa, Ontario. He works within IPSS Inc. security practice assisting clients with their Security needs, implementation and engineering of Intrusion Detection/Prevention Systems (IDS/IPS) on large networks, integration of Enterprise Security Management (ESM) solutions, Network Security Auditing, and Incident Response and Reporting. Guy has a B.A. (IT) from University of Quebec, holds GIAC GSEC, GCIA, GCIH, GCUX, GCFA and ISSPCS certifications. He is a SANS certified instructor, a course author and Stay Sharp instructor. He authored the OS hardened Snort with Sguil IDS platform where the ISO is freely available at: http://www.whitehats.ca.
top^
Bryce Galbraith
Bryce began his IT journey at 10 years of age with a Commodore 64 and a 300 baud modem – he never looked back. As a contributing author of the internationally bestselling book, Hacking Exposed: Network Security Secrets & Solutions, Bryce helped bring the secret world of hacking out of the darkness and into the public eye. Bryce has held security positions at global ISPs and Fortune 500 companies as well as being a Senior Consultant on Foundstone’s world renowned attack and penetration team. Bryce also served as Senior Instructor and co-author of Foundstone’s, “Ultimate Hacking: Hands-On” series. He has taught the art of ethical hacking and countermeasures to thousands of IT professionals from a "who's who" of top companies, financial institutions, and government agencies around the globe. Bryce teaches SANS Security 504, "Hacker Techniques, Exploits and Incident Handling” and SANS Security 401, “Security Essentials Boot Camp” for SANS Institute. Bryce is an active member of several security-related professional organizations, he speaks at a variety of conferences and holds a number of certifications: CISSP, GCIH, GSEC, CEH, CHFI, Security+. Bryce is currently Lead Consultant and co-founder of Layered Security, Inc.
top^
Rob Lee
Rob Lee is a Principal Consultant for MANDIANT, a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. Government. Rob has over 11 years experience in computer forensics, vulnerability discovery, intrusion detection, and incident response. Rob graduated the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on Information Operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations and computer forensics. Prior to joining MANDIANT, he worked on contracts for a variety of government agencies, where he was the technical lead for a vulnerability discovery team, contractor lead for cyber forensics branch, and led a security software development team. Rob also coauthored the bestselling book, Know Your Enemy, 2nd Edition. In addition to working for MANDIANT and the SANS Institute, Rob is currently pursuing his MBA at Georgetown University in Washington D.C.
top^
Rohit Sethi
Rohit Sethi, Manager of Professional Services, Security Compass, is a specialist in threat modeling, application security reviews, and building security controls into the software development life cycle (SDLC). He has written articles on topics of application security for Security Focus and the Web Application Security Consortium (WASC). Prior to becoming a SANS instructor, Rohit taught courses on application security to hundreds of developers in fields ranging from financial services, to telecommunications, to healthcare. With a background in software engineering, Rohit emphasizes how to practically build application security controls into existing applications. Rohit holds an Honors Bachelor of Science degree in Computer Science with Software Engineering Specialization from the University of Western Ontario. He is also a Certified Information Systems Security Professional (CISSP), and a Sun certified Java programmer.
top^
Dave Shackleford
Dave Shackleford, Director of Configuresoft's Center for Policy & Compliance, is a course and exam author for the SANS Institute, where he also serves as a GIAC Technical Director. He is the co-author of Hands-On Information Security from Course Technology, as well as the “Managing Incident Response” chapter in the Course Technology book, Readings and Cases in the Management of Information Security. Previously, he worked as CTO for the Center for Internet Security, as well as for a security consulting firm in Atlanta. He has also worked as a security architect, analyst, and manager for several Fortune 500 companies. He has consulted with hundreds of organizations in the areas of regulatory compliance, security and network architecture and engineering. His specialties include incident handling and response, intrusion detection and traffic analysis, and vulnerability assessment and penetration testing.
top^
Stephen Sims
Stephen Sims is an Information Security Consultant currently working for Wells Fargo in San Francisco, CA. He has spent the past seven years in the Bay Area working for several large financial institutions on Network and Systems Security, Reverse-Engineering Malware, Risk Assessment and Management. Prior to San Francisco, Stephen worked in the Baltimore/DC area as a Network Security Engineer for companies such as General Motors and Sylvan Prometric. He is one of only a handful of individuals who holds the GIAC Security Expert (GSE) Certification and is currently working with GIAC and White Wolf Security to administer this years exam in Las Vegas. . He is a SANS certified instructor and holds several other certifications such as the CISSP and CISA and is currently co-authoring a book on exploit techniques.
top^
Dr. Johannes Ullrich, Ph.D.
As Chief Research Officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a Ph.D. in Physics from SUNY Albany and is located in Jacksonville FL.
top^