Mick Douglas

Mick Douglas has over 10 years of experience in information security and is currently the Managing Partner for InfoSec Innovations. He specializes in PowerShell, Unix, Data Visualization, Hardware, and Radio Hacking and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC555: Detection Engineering and SIEM Analytics™. He has also been on the GIAC Advisory Board for over 12 years and is a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition. He’s authored numerous tools, led pen-testing teams, and has consulted with some of the largest infosec companies.

More About Mick

Specialties

Cyber Defense

Upcoming Courses

Profile

Mick has always enjoyed working with computers and securing systems and quickly became a systems administrator. While working at a marketing firm, he received a penetration test. The report was a bloodbath. His code was highly vulnerable and it hurt to know that his "baby" was so open for attack. When Mick asked the pen testers what he should do, they couldn't provide workable solutions. He vowed to get his revenge in the follow-up assessment, by not only securing his code and systems but making them actively hostile. This included honeypots, automated response, and numerous other tricks to confuse and frustrate. After months of study and experimentation, the follow-up test resulted in the company quitting mid engagement. He was hooked... and hasn’t looked back since.

Mick’s experience in Systems and cybersecurity is varied and eclectic. He built the provisioning system used by LCI/Qwest for long-distance orders, helped ensure network speed and reliability at UUNet, ran the production hosting systems for Resource Marketing (the marketing firm behind brands such as Apple, Walmart, HP, and Victoria’s Secret), was the lead technical security engineer at OCLC (a global not-for-profit library collective) and team lead for one of the penetration testing teams at Bank of America. He’s also worked as a consultant for Diebold, Black Hills Infosec, and Binary Defense before founding InfoSec Innovations, which he considers the highlight of his career. He’s most proud of hiring interns and subcontractors to help bring about his vision of how an information security consultancy can be run. He plans to change the industry and that requires a mix of the right staff, clients, and opportunities.

Mick believes that the greatest challenge that students face is that adversaries are well funded and highly skilled, something he deals with as well. With a modest investment of time each week, he believes students can make changes to their environment that will result in a superior defensive stance. In time, these incremental improvements result in a resilient and tamper-evident network. Mick is always excited about the opportunity to share with others so they do not have to learn the hard way. By studying with Mick, security professionals of all abilities will gain useful tools and skills that should make their jobs easier.

Mick is proud of Powercat, a netcat tool that he wrote in PowerShell 2.0 to allow maximum portability on all PowerShell enabled hosts and Fantastic, a powerful systems administration tool with a helpful web gui which makes it easier for people to secure their systems. When he's not "geeking out" you'll likely find Mick indulging in one of his numerous hobbies; photography, hiking, sailing, scuba diving pretty much anything outdoors.

Powercat - Netcat implementation in PowerShell 2.0 to allow maximum portability on all PowerShell enabled hosts.

Pause-Process - PowerShell script which allows one to pause/unpause a running application. Makes use of existing OS functionality so there is no need to install any additional components. Can be used to allow defenders to respond at a lower threshold.

Fantastic - is a visualizing tool made by InfoSec Innovations for exploring computer networks. It aims to provide a way for network security novices and professionals alike to find and fix security issues.

Watch Mick talk about his class in, "All you need to know about SEC555: Detection Engineering and SIEM Analytics™"