Group Purchasing

Group Purchasing

Brian Almond

Certified InstructorPrincipal Security Researcher at Presidio

Specialities

Offensive Operations

Connect with Brian

Brian Almond

Jump to:

Profile
Courses
Webcasts
Resources

About Brian Almond

Brian Almond is a SANS Certified Instructor, Director of Engineering Advanced Security at Presidio, and a cybersecurity leader whose career spans offensive operations, threat hunting, incident response, and security architecture. He teaches SEC598: AI and Security Automation for Red, Blue, and Purple Teams and SEC599: Defeating Advanced Adversaries – Purple Team Tactics & Kill Chain Defenses, bringing students a practitioner-focused perspective shaped by years of building enterprise detection and response programs. His experience designing purple team engagements and advanced detection strategies gives learners practical insight into how attackers operate and how defenders can rapidly detect and contain them in modern environments.

Press & Media

More From Brian

Weekly Purple Team / YouTube and Community Content / OngoingPurple team operations, detection engineering, and adversary tradecraft discussions
Cyber Unhinged Podcast / Podcast Co-Host and Contributor / Ongoing Cybersecurity operations, threat actor trends, and practitioner discussions
GitHub (BriPwn) / Open-Source Research and Security Tooling / Ongoing Detection as code pipelines, offensive security, and purple team research projects / threat hunting playbooks
Presidio Blog / Technical Research Article / 2025 Handala Hack (Attack on Stryker)
National Cyber League / Competition Recognition / Multiple YearsParticipation and competition achievements through STI affiliation

Upcoming Training Courses

Here are upcoming opportunities to train with this expert instructor.

Intermediate - SEC598 - Offensive Operations, Artificial Intelligence

SEC598: AI and Security Automation for Red, Blue, and Purple Teams

GIAC AI Security Automation Engineer
36 CPEs
SANS Austin 2026 | Austin

$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

Starts 22 Jun 2026 at 8:30 AM CT
6 Days

Log in to register:

Join In-Person Waitlist Join Virtual Waitlist

Intermediate - SEC599 - Offensive Operations

SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses

GIAC Defending Advanced Threats
36 CPEs
SANS Sydney September 2026 - Live Online | Sydney, NSW

A$13,350 AUD (Course)
A$1,495 AUD (Certification)
*Prices exclude applicable local taxes

Starts 14 Sep 2026 at 8:30 AM AEST
6 Days

Log in to register:

Intermediate - SEC599 - Offensive Operations

SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses

GIAC Defending Advanced Threats
36 CPEs
SANS Tokyo Autumn 2026 - Live Online | Tokyo

¥1,335,000 JPY (Course)
¥149,850 JPY (Certification)
*Prices exclude applicable local taxes

Starts 19 Oct 2026 at 9:00 AM JST
6 Days

Log in to register:

Intermediate - SEC598 - Offensive Operations, Artificial Intelligence

SEC598: AI and Security Automation for Red, Blue, and Purple Teams

GIAC AI Security Automation Engineer
36 CPEs
SANS Live Online: Jan 2027 (EDT) |

$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

Starts 11 Jan 2027 at 8:30 AM ET
6 Days

Log in to register:

Virtual Events

Explore content featuring this instructor’s insights and expertise.

Free Resources

Review relevant educational resources made with contribution from this instructor.

Finding Lateral Movement of Adversaries Through the Noise of Systems Administration

WhitepaperDigital Forensics and Incident Response, Cyber Defense

14 Aug 2024
Brian Almond