Steve Anson
Principal InstructorCo-Founder at Informed Defense
Specialities
Digital Forensics and Incident Response, Offensive Operations
Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsDigital Forensics and Incident Response, Offensive Operations
Steve Anson is a digital forensics and incident response (DFIR) professional with more than 25 years of experience investigating complex cybercrimes and helping organizations strengthen their security capabilities. A former law enforcement officer and federal agent, Steve previously served with the Defense Criminal Investigative Service and as a task force agent with the FBI, where he specialized in computer crime investigations.
Today, he consults with a global client base through his firm Informed Defense, while serving as a SANS Principal Instructor and co-author of SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics and instructor for SANS SEC504: Hacker Tools, Techniques, and Incident Handling.
Steve Anson was a great instructor with engaging delivery, including relevant real-world examples from his career.
Even with all the theories that needed to be covered, Steve still managed to move the class through the material, all while making sure that students understood topics that required more detail than others.
I specifically chose this course for Steve, and he did not disappoint. I love the real-life stories of how these techniques and defenses played out. I have pages full of what to take away and implement back in business.
Here are upcoming opportunities to train with this expert instructor.
Explore content featuring this instructor’s insights and expertise.
Microsoftは、様々なシングルサインオン(SSO)のシステムをユーザーに提供しています。しかし、SSO のために利用されるクレデンシャル情報は、長い間攻撃者に狙われてきました。Pass the HashやPass the Ticket、Pass the Tokenなどの攻撃により、攻撃者はオンプレミス環境のみならずクラウド環境へまでも、ネットワークアクセスができるようになることがあります。これらの攻撃の詳細や、関連するリスクを軽減するための最新のコントロールについて紹介します。
Whether performed by an insider threat, or by an external threat that's managed to get a foothold inside, the next step in the attacker's dance is usually the pivot: moving from one host to another to expand control or pillage a particular resource. In this talk we will look at some of the more commonly encountered pivot techniques to help you understand, detect, and deter malicious, lateral movement within your network.