David Mashburn

David Mashburn is a SANS Certified Instructor and an Incident Manager / Incident Handler for a large technology company. He has experience working as an IT security professional for several civilian federal agencies, and over 15 years of experience in IT. He holds a master's degree in computer science from Johns Hopkins University, and a bachelor’s degree from the University of Maryland at College Park. David holds multiple security-related certifications, including GIAC GSE (#157), GOSI, GNFA, GMON, GCFA, GCDA, GWAPT, GXPN, GCIA (Gold), GPEN, GCIH, and GSEC. He is also a member of the SANS / GIAC Advisory Board, and has previously taught courses in the Cybersecurity curriculum at the University of Maryland - University College.


Profile

David Mashburn started out in a non-IT career path, but with his aptitude for computers, he ended up staying immersed in technology. He moved into a technical role, and then followed a fairly typical IT career progression, from Help Desk to System Administration. Along the way, he picked up networking, and that was when he first got introduced to security. He really loved the idea of defending systems and networks, and while he continued to learn in other areas such as databases and development, he had that interest in security that really drove how he viewed those topics.

After gaining this wide and, in some areas, deep experience in multiple IT disciplines, he pivoted to focusing on security full-time. That path, he felt, really helped to make him more effective as a security practitioner, since he can see things from the security perspective, and also speak and understand the language of other technology arenas.

David finds the idea of working as a defender very appealing, to keep his company and customer data safe. That is a clear mission, and he accepts that it is a challenge to make that happen given the broad attack surface and the constant efforts by adversaries to mount attacks. Companies don't exist for the sake of security, but most companies would not be able to function without information security. He likes to think of his role as making sure his company can do what it is supposed to do.

Presently, David is a SANS Certified Instructor and an Incident Manager / Incident Handler for a large technology company. David enjoys being able to work with data and logs at an enormous scale, investigate and triage security incidents constantly, and work in a very complex, fast-paced environment. Previously, David worked in many other organizations, ranging from early-stage start-ups to non-profits to government. That broad view of different companies helps David relate to almost any work environment for a student, as he’s likely experienced something similar to what they deal with in their professional roles. David thinks this ability to relate to students, and to share his own experiences that may be relevant to them, really makes him an effective instructor. Because he has "been there, done that" throughout his career, he and his students can speak that common language and see how the material that he teaches at SANS can be applied to their own environments.

David has a Master of Science in Computer Science from Johns Hopkins University, and holds several security-related certifications, including GIAC GSE (#157), GOSI, GNFA, GMON, GCFA, GCDA, GWAPT, GXPN, GCIA (Gold), GPEN, GCIH, and GSEC.

Beyond the classroom, David enjoys coaching (competitive swimming), martial arts, and playing baseball.

Watch David present at the SANS Blue Team Summit



PUBLICATIONS

NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk

Threat Hunting 101: Not Mission Impossible for the Resource-Challenged

WEBCASTS