Faculty

Version 1.0

Current Version
Archives

The SANS faculty is the primary reason that a SANS Technology Institute educational experience allows students to become technical leaders in information security in their organizations. At SANS you learn security from people who are the top experts in the field, the authors of the most authoritative books, and, most importantly, from people who have front-line, in-the-trenches experience doing the types of jobs that you will be required to do.

Knowledge alone does not make SANS faculty effective teachers. Many experts cannot teach. SANS faculty members are winners of a continuous competitive search for the most effective teachers in each subject area. Each year more than 50 security professionals try out for the faculty, and each year only two or three are selected.

Your education at SANS involoves research and writing, just as it would at any graduate institution. At SANS Technology Institute though it is the classes you take and more importantly the faculty who teach you that will help you gain the mastery of the subjects that enable leaders to lead with confidence.

Each member of the SANS Technology Institute faculty has demonstrated himself or herself to be highly competent, on the basis of formal education and professional experience, to provide educational courses that meet the objectives laid out in the program goals. Most SANS Technology Institute faculty members have completed either Master's level or PhD level degrees at regionally accredited institutions. A small number of faculty members may have completed the equivalent of Master's level degrees by demonstrating outstanding achievement in the information security field.

SANS Technology Institute Faculty

Dr. Johannes Ullrich, Dean of the Faculty

As Chief Research Officer for the SANS Institute, Johannes is responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2005, SC Magazine named him one of the 5 most influential IT security thinkers in the networking industry. Johannes holds a Ph.D. in Physics from SUNY Albany.

Dr. Eric Cole, Department Chair

Eric Cole has received his PhD from Pace University and has been recognized as an information security expert for more than 10 years. Eric holds several professional certifications and helped develop several of the SANS GIAC certifications and corresponding courses. Eric is currently chief scientist for The Sytex Group's Information Warfare Center, where he heads cutting edge research in technology and various areas of network security. His writing credits include: Hackers Beware, SANS GIAC: Security Essentials Cookbook and his latest work Hiding in Plain Sight: Steganography and the Art of Covert Communication.

Ed Skoudis, Incident Handling

Ed Skoudis teaches SANS Hacker Techniques, Exploits and Incident Handling. In addition to his teaching responsibilities, Ed performs security assessments and designs information security governance and operations teams for Fortune 500 companies, and provides rapid response to computer attacks for clients in financial, high technology, healthcare, and other industries. Ed is the author of several articles as well as the Prentice Hall best selling book, Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses. His latest book is titled Malware: Fighting Malicious Code. Ed was also awarded a 2004 Microsoft MVP award for Windows Server Security, and is a member of the Honeynet Project. Ed's Master of Science degree was earned at Carnegie Mellon University.

Dave Shackleford, Management/Security

Dave Shackleford has been involved in information technology, particularly the areas of networking and security, for over ten years. Dave is currently the Vice President of Business Development for Vigilar, a security consulting firm in Atlanta, GA. Dave has also worked as a security architect, analyst, and manager for several Fortune 500 companies and was the first Information Security Manager for AirTran Airways. His areas of specialty include incident handling and response, intrusion detection and traffic analysis, and vulnerability assessment and penetration testing. Dave is also a courseware and exam author for the SANS Institute, where he has taught classes, written multiple courses and exam questions, and also serves as a GIAC Technical Director. Dave has Bachelors degrees in both Psychology and Information Systems and a Masters in Business Administration from Georgia State University. He is the co-author of Hands-On Information Security from Course Technology, as well as the Managing Incident Response chapter in the Course Technology book Readings and Cases in the Management of Information Security.

Mason Brown, Management

Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company. After earning his MBA from Harvard Business School, Mason joined Alcoa where he rose quickly to the President position for a $400 million division and then to a very senior executive role in a $5 billion division of Alcoa, with global responsibility. He brings this unique senior management perspective to the task of helping security professionals learn how to make a security program effective inside their organizations. Mason's undergraduate degree was in Business and Operations Management from Susquehanna University and before attending Harvard, he was a software entrepreneur. Mason recently joined the SANS Institute to help improve security in the United States and around the world primarily through two mechanisms -- helping users find security technology that works and expanding SANS programs to more than 40 countries around the world.

David Hoelzer, Intrusion Detection and Auditing

David Hoelzer is a high scoring SANS instructor and expert in the fields of intrusion detection, firewalls, incident handling, information security auditing, and secure infrastructure management. While he is currently serving as the adjunct Director of Site Security for SANS, he has in the past served as the Director of the GIAC Certification program for SANS, bringing the GIAC Security Expert certification to life; he continues to serve as the primary exam author for several of SANS' most challenging certifications. David is an adjunct research associate of the UNLV Cybermedia Research Lab and a research fellow with the Internet Forensics Lab. David holds a BS in IT, SCL.

Mike Poor, Intrusion Detection

Mike Poor leads the SANS Institute Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits and architecture reviews. His primary job focus however is in intrusion detection, response, and mitigation. Mike is an author of the international best selling Snort 2.1 book from Syngress, and is a member of the elite Incident Handler group for the Internet Storm Center.

Marcus Sachs, Security Essentials, Malware, Management

Marcus Sachs is the Deputy Director, Computer Science Laboratory, at SRI International. He is responsible for the Washington operations of the Department of Homeland Security's Cyber Security Research and Development Center, operated by SRI under contract with DHS. Marcus is also the volunteer Director of the SANS Internet Storm Center, and is an internationally recognized computer security expert. He brings over 23 years of professional experience to SANS including 20 years of active duty service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee in the George W. Bush administration. Prior to joining SANS, Marcus was the Director for Communication Infrastructure Protection in the White House Office of Cyberspace Security, a staff member of the President's Critical Infrastructure Protection Board, and a senior member of the US Department of Homeland Security's National Cyber Security Division. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security from James Madison University, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree.

Rob Lee, Forensics

Rob Lee is a member of ManTech's Computer Forensics & Intrusion Analysis Division that provides advanced computer forensics and intrusion operations support to the national security and intelligence communities. He works for commercial and government clients, providing incident response, forensics, intrusion detection, vulnerability analysis, and specialized R&D. Rob is a graduate of the U.S. Air Force Academy. He served in the U.S. Air Force performing intrusion detection while at the 609th Information Warfare Squadron. As a member of the Air Force Office of Special Investigations he performed network wiretaps, computer forensics, and conducted computer crime intrusion investigations. Rob regularly assists the Honeynet Project and coauthored the bestselling book, Know Your Enemy, 2nd Edition.

Ben Wright, Legal Issues

Ben Wright is one of the leading attorneys in e-commerce and is the founding author of The Law of Electronic Commerce, a comprehensive book on the legality of electronic transactions and computerized business records. Since 1988, Wright has delivered over 500 speeches on e-commerce, privacy, records management, and computer security and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. In 2001 he was featured in the documentary "The Cutting Edge Technology Report: Electronic Signatures," nationally broadcast on CNBC.

Alan Paller, Public Policy and Marketing Security In Large Organizations

Alan Paller is the Director of Research for the SANS Institute, responsible for overseeing technical research programs ranging from SANS weekly threat and news digests to the annual Top 20 Internet Security Threats. He is also responsible for SANS' growing public policy research and advocacy programs on behalf of improved cyber security, and has testified several times before both House and Senate committees. Alan is the author of The EIS Book: Information Systems for Top Managers and co-author of Planning and Designing the Data Warehouse and How to Give the Best Presentation of Your Life. He has chaired more than 200 national and international conferences and is often quoted in The Wall Street Journal, USA Today, The Washington Post, and The Financial Times of London, as well as many information technology and information security publications. In 2001 the President named Alan as one of the original members of the National Infrastructure Assurance Council "to advise the President through the Secretary of Homeland Security with advice on the security of information systems for critical infrastructure supporting other sectors of the economy." In 2005, the Federal CIO Council chose him as one of two 2005 Azimuth Award winners recognizing his vision and outstanding service to federal information technology. Alan's degrees are from Cornell University and the Massachusetts Institute of Technology.

A list of additional SANS instructors may be found at http://www.sans.org/instructors.php.