When he gets the chance, Matthew Toussain loves to take on an offbeat challenge. He’s turned a closet into a server room, a table into a computer, and a ’76 Mustang into an electric car. He’s also built an Alexa-enabled home entertainment system out of a car amp, a Raspberry Pi, a computer power supply unit, sheet metal, and plexiglass. It’s that ingenuity that underscores his work as a certified SANS instructor.
A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, he has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst for Black Hills Information Security. In 2014, he started Open Security, which performs full-spectrum vulnerability risk assessments.
His experience outside the classroom has given him opportunities to work on initiatives designed to protect people from terrorism. “I had a small part in national cyber defense. Specifically, after the Paris bombings on Nov. 13, 2015, I worked on programs designed to provide some additional early warning in the event of similar orchestrated attacks in the future.”
For SANS, Matthew teaches SEC560: Network Penetration Testing and Ethical Hacking and worked with other SANS instructors to create SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment. Of the new course, Matthew writes, “Because SEC460 is a foundational course in the SANS penetration testing curriculum, it is itself a herald and a promise. For some newcomers, the first adventure with SANS is the spark of awakening for their inner hacker. It acts as a catalyst facilitating personal evolution and even genesis of a lifelong passion. The course authors, Adrien de Beaupre, Tim Medin, and myself, have meticulously crafted the SEC460 challenge to be a formative experience, attainable by all yet elementary to none.”
An avid runner who also plays piano, guitar and violin, Matthew lives in Texas with a multitude of Cisco switches. In addition to teaching at SANS, he is an avid supporter of cyber competitions and participates as a red team member or mentor for the Collegiate Cyber Defense Competition (CCDC), the annual NSA-led event Cybersecurity Defense Exercise (CDX), and SANS Institute’s NetWars.
Hear Matt discuss a toolset for Tier 1 threat emulation at Wild West Hackin' fest 2019 here:
- Information security expert since 2008
- Open source developer – Subterfuge Project, Acheron, Prismatica
- SANS SEC460 course author
- Red teamer and/or mentor for the CCDC, the CDX and NetWars
- Guest instructor at the University of Texas San Antonio
- Guest speaker at various infosec conferences, including at the 20th anniversary of DEFCON
- GSE (GIAC Security Expert)
- CEH (Certified Ethical Hacker)
- GSEC (GIAC Security Essentials)
- GCIA (GIAC Certified Incident Analyst)
- GMOB (GIAC Mobile Device Security Analyst)
- GPEN (GIAC Certified Penetration Tester)
- GCIH (GIAC Certified Incident Handler)
- GCCC (GIAC Critical Controls Certification)
- GCPM (GIAC Certified Project Manager)
- Palo Alto EDU-201
ADDITIONAL CONTRIBUTIONS BY MATT TOUSSAIN:
SANS@MIC - Domain Password Auditing with the Cloud, April 2020
Passwords are a Solvable Problem!, February 2020
Testing G Suites with MailSniper, June 2018
BLOG & MORE
You can check out Matt's Youtube Channel here.