The SANS Technology Institute

Faculty

Version 1.3

FACULTY - SANS Technology Institute

Name: Dr. Johannes Ullrich
Title: Dean of Faculty, Chief Research Officer, Faculty
Most Advanced Degree: Ph.D. Physics, SUNY Albany
Field of Experience: Information Security Research Expert. See details below.
Courses: SEC 503 Intrusion Detection in Depth, 504 Hacker Techniques, Exploits, and Incident Handling, and other courses.

Dr. Johannes Ullrich is Dean of Faculty, Chief Research Officer and a faculty member of SANS Technology Institute. As Chief Research Officer for SANS, Johannes is responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2005, SC Magazine named him one of the 5 most influential IT security thinkers in the networking industry. Johannes teaches SEC 503 Intrusion Detection in Depth, SEC 504 Hacker Techniques, Exploits and Incident Handling, SEC 615 LAMP Secure Internet Presence, and other courses.

Name: Dr. Eric Cole
Title: Department Chair, Faculty
Most Advanced Degree: Ph.D., Computer Science, Pace University
Field of Experience: Information Security Expert. See details below.
Courses: SEC 401 Security Essentials, MGT 524 Security Policy and Awareness, MGT 512 SANS Security Leadership Essentials for Managers, OPR 407 Windows and Linux Service and Operations, and other courses.

Dr. Eric Cole is the Department Chair of SANS Technology Institute, faculty member, faculty advisor, and he teaches, maintains and develops courseware. He is an industry recognized security expert, with over 15 year's hands-on experience. Dr. Cole currently performs leading edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Masters in Computer Science from NYIT, and Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books to include Hackers Beware, Hiding in Plain Site, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker. Dr. Cole also is also a senior scientist with Lockheed Martin Information Technology (LMIT) and Lockheed Martin (LM) fellow.

Name: Ed Skoudis
Title: Director on the Board SANS Technology Institute, Faculty
Most Advanced Degree: M.S., Information Networking, Carnegie Mellon University; and B.S. Electrical Engineering, University of Michigan, Summa Cum Laude.
Field of Experience: Incident Handling, Expertise in Hacker Attacks and Defenses, Information Security Industry, and Computer Privacy Issues. See details below.
Courses: SEC 504 Hacker Techniques, Exploits, and Incident Handling, and other courses.

In addition to his teaching responsibilities, Ed Skoudis performs security assessments and designs information security governance and operations teams for Fortune 500 companies, and provides rapid response to computer attacks for clients in financial, high technology, healthcare, and other industries. Ed is the author of several articles as well as the Prentice Hall best selling book, Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses. His latest book is titled Malware: Fighting Malicious Code. Ed was also awarded a 2004 Microsoft MVP award for Windows Server Security, and is a member of the Honeynet Project. Ed Skoudis teaches SANS SEC 504 Hacker Techniques, Exploits and Incident Handling course; and also SEC 517 Cutting Edge Hacking Techniques.

Name: Lenny Zeltser
Title: Director on the Board of SANS Technology Institute, Faculty
Most Advanced Degree: M.B.A. from M.I.T.
Field of Experience: Security. See details below.
Courses: SEC 504 Hacker Techniques, Exploits and Incident Handling, MGT 512 SANS Security Leadership Essentials for Managers, and other courses.

Lenny Zeltser is the Information Security Practice Leader at Gemini Systems, a premier IT consulting firm headquartered in New York. He is also an instructor at SANS Institute and an incident handler at SANS Internet Storm Center. Lenny's expertise spans IT, risk management, and business processes. He directed data protection efforts for several organizations, co-founded a software company, and consulted to a major financial institution. Lenny also co-authored books such as Inside Network Perimeter Security and Malware: Fighting Malicious Code. In addition to holding the CISSP certification, he is one of the few individuals who have earned the GIAC Security Expert (GSE) designation. Lenny has an MBA degree from MIT and a BSE degree from the University of Pennsylvania. More information about his projects and interests is available at www.zeltser.com.

Name: Dave Shackleford
Title: Director on the Board of SANS Technology Institute, Faculty
Most Advanced Degree: Masters in Business Administration, Georgia State University
Field of Experience: Security. See details below.
Courses: SEC 504 Hacker Techniques, Exploits and Incident Handling, all AUDIT courses, MGT 512 SANS Security Leadership Essentials for Managers, and other courses.

Dave Shackleford has been involved in information technology, particularly the areas of networking and security, for over ten years. Dave is currently the Vice President of Business Development for Vigilar, a security consulting firm in Atlanta, GA. Dave has also worked as a security architect, analyst, and manager for several Fortune 500 companies and was the first Information Security Manager for AirTran Airways. His areas of specialty include incident handling and response, intrusion detection and traffic analysis, and vulnerability assessment and penetration testing. Dave is also a courseware and exam author for SANS where he has taught classes, written multiple courses and exam questions, and also serves as a GIAC Technical Director. Dave has Bachelors degrees in both Psychology and Information Systems and a Masters in Business Administration from Georgia State University. He is the co-author of Hands-On Information Security from Course Technology, as well as the Managing Incident Response chapter in the Course Technology book Readings and Cases in the Management of Information Security.

Name: Alan Paller
Title: Chair and Director on Board of SANS Technology Institute, Faculty
Most Advanced Degree: Masters, Engineering, Massachusetts Institute of Technology; and B.S., Engineering, Cornell University.
Field of Experience: Public Policy and Marketing Security in Large Organizations. See details below.

Alan Paller is the Chair of the Board of Directors of SANS Technology Institute. He is the Director of Research for SANS, responsible for overseeing technical research programs ranging from SANS weekly threat and news digests to the annual Top 20 Internet Security Threats. He is also responsible for SANS' growing public policy research and advocacy programs on behalf of improved cyber security, and has testified several times before both House and Senate committees. Alan is the author of The EIS Book: Information Systems for Top Managers and co-author of Planning and Designing the Data Warehouse and How to Give the Best Presentation of Your Life. He has chaired more than 200 national and international conferences and is often quoted in The Wall Street Journal, USA Today, The Washington Post, and The Financial Times of London, as well as many information technology and information security publications. In 2001 the President named Alan as one of the original members of the National Infrastructure Assurance Council to advise the President through the Secretary of Homeland Security with advice on the security of information systems for critical infrastructure supporting other sectors of the economy. In 2005, the Federal CIO Council chose him as one of two 2005 Azimuth Award winners recognizing his vision and outstanding service to federal information technology. Alan's degrees are from Cornell University and the Massachusetts Institute of Technology.

Name: Mason Brown
Title: Faculty Member
Most Advanced Degree: M.B.A., Harvard Business School
Field of Experience: Held top management positions in large companies. See details below.
Courses: MGT 421 Leadership Tools.

Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company. After earning his MBA from Harvard Business School, Mason joined Alcoa where he rose quickly to the President position for a $400 million division and then to a very senior executive role in a $5 billion division of Alcoa, with global responsibility. He brings this unique senior management perspective to the task of helping security professionals learn how to make a security program effective inside their organizations. Mason's undergraduate degree was in Business and Operations Management from Susquehanna University and before attending Harvard, he was a software entrepreneur. Mason recently joined SANS to help improve security in the United States and around the world primarily through two mechanisms -- helping users find security technology that works and expanding SANS programs to more than 40 countries around the world.

Name: Marcus Sachs
Title: Faculty Member
Most Advanced Degree: Masters in Computer Science with a concentration in Information Security from James Madison University, and a Masters in Science and Technology Commercialization.
Field of Experience: Security Essentials, Malware, Management
Courses: SEC 401 Security Essentials and other courses

Marcus Sachs is the Deputy Director, Computer Science Laboratory, at SRI International. He is responsible for the Washington operations of the Department of Homeland Security's Cyber Security Research and Development Center, operated by SRI under contract with DHS. Marcus is also the volunteer Director of the SANS Internet Storm Center, and is an internationally recognized computer security expert. He brings over 23 years of professional experience to SANS including 20 years of active duty service as an officer in the United States Army and two years of national cyberspace security policy development as a Presidential appointee in the George W. Bush administration. Prior to joining SANS, Marcus was the Director for Communication Infrastructure Protection in the White House Office of Cyberspace Security, a staff member of the President's Critical Infrastructure Protection Board, and a senior member of the US Department of Homeland Security's National Cyber Security Division. A graduate of the US Army Command and General Staff College, Marcus also holds a Masters degree in Computer Science with a concentration in Information Security from James Madison University, a Masters degree in Science and Technology Commercialization, and a Bachelor of Civil Engineering degree. Marcus teaches SEC 401 Security Essentials and other courses.

Name: Benjamin Wright
Title: Faculty Member
Most Advanced Degree: JD, Law, Georgetown University Law Center
Field of Experience: Legal Issues. See details below.
Courses: LEG 523 Legal Issues in Information Technology and Information Technology Security.

Benjamin Wright, one of the leading attorneys in e-commerce and IT security, is the founding author of The Law of Electronic Commerce, a comprehensive book on the legality of electronic transactions and computerized business records. Since 1988, Wright has delivered many hundreds of presentations on e-commerce, privacy, records management, and computer security and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. In 2001 he was featured in the documentary The Cutting Edge Technology Report: Electronic Signatures, nationally broadcast on CNBC.

Name: Bob Hillery
Title: Faculty Member
Most Advanced Degree: Masters, National Security and Strategic Studies, U.S. Naval War College; and Masters, International Relations, Salve Regina College
Field of Experience: Management. See details below.
Courses: MGT 512 SANS Security Leadership Essentials for Managers with Knowledge Compression TM, SEC 401 Security Essentials, MGT 524 Security Policy and Awareness.

Bob Hillery is an experienced consultant in Information Systems Security Management. He is a founder and Senior Security Analyst with Intelguardians. LLC, and has an extensive background in computer networks gained through the Navy and R&D. Bob has just completed a National Institute of Justice funded project in cyber attack and forensic tools requirements as a senior researcher at Dartmouth College. He is a member of the High Tech Crime Investigators Association(HTCIA), on the advisory board for the DataInquiry, LLC, serving corporate forensics requirements, served as the Vice President of Academic Affairs & Chair of Informations Systems Department for NH Community Technical College. Going beyond the technology, he has significant experience with the business and operational aspects of security incident handling. Bob's certifications include CISSP, GCIA, GSEC, MCSE, and the NSA IAM.

Name: Stephen Fried
Title: Faculty Member
Most Advanced Degree: Masters in Computer Science, Monmouth University in West Long Branch, New Jersey.
Field of Experience: Security. See details below.

Stephen Fried is the Director of Global Information Security at Lucent Technologies, leading the team responsible for protecting Lucent's electronic and information infrastructure. Stephen began his professional career at AT&T in 1985 and has held a wide range of technical and management positions in such areas as software development, database design, call center routing, computing research, and information security for AT&T, Lucent Technologies and Avaya. In more recent history, Stephen has developed the information security program for two Fortune 500 companies, dealing with topics like policy development, risk assessment, technology development & deployment and security outsourcing. Stephen is a Certified Information Systems Security Professional and holds a B.S. in Telecommunications Management and a M.S. in Computer Science.

Name: David Rice
Title: Faculty Member
Most Advanced Degree: M.S., Systems Engineering and Information Warfare, Naval Postgraduate School; and B.S., Physics and General Engineering, U.S. Naval Academy.
Field of Experience: Security. See details below.
Courses: SEC 401 Security Essentials, 616 .Net Security, 617, MGT 512 SANS Security Leadership Essentials for Managers.

David Rice is Director of The Monterey Group a results-oriented consultancy fulfilling client objectives in all matters of information security. David is an internationally recognized information security expert and the author of the forthcoming book, Geekonomics: The Real Cost of Software. David has been awarded for significant contributions as part of his work with the Department of Defense and the National Security Agency. David is a SANS Institute author and senior instructor. He has over 10 years of experience in security and large-scale IT infrastructure.

Name: Jason Fossen
Title: Faculty Member
Most Advanced Degree: Masters, Philosophy of Science, University of Texas at Austin
Field of Experience: Security with Microsoft/Windows Emphasis. See details below.
Courses: SEC 505 Securing Windows

Jason Fossen is a principal security consultant at Enclave Consulting LLC, a published author, and a frequent public speaker on Microsoft security issues. He is the sole author of the SANS' week-long Securing Windows course (SEC505), maintains the Windows day of Security Essentials (SEC401.5), and has been involved in numerous other SANS projects since 1998. He was graduated from the University of Virginia, received his Master's degree from the University of Texas at Austin, and holds a number of professional certifications. He currently lives in Dallas, Texas.

Name: Arrigo Triulzi
Title: Faculty Member
Most Advanced Degree: M.Sc. in Mathematical Computation from Queen Mary, University of London; and almost has his Ph.D. in Computer Algebra from Queen Mary, University of London.
Field of Experience: Security. See details below.
Courses: SEC 503 Intrusion Detection in Depth, SEC 504 Hacker Techniques, Exploits and Incident Handling.

Arrigo Triulzi, trained in Pure Mathematics, holds an MSc in Mathematical Computation from Queen Mary, University of London, and is working towards a PhD in Computer Algebra. He is co-founder and Chief Security Officer of K2 Defender Limited, a bespoke high-end IDS solutions provider. Arrigo is also a free-lance consultant in IT Security with particular expertise in secure network design, network security analysis, and incident handling. He is also the administrator of the IDS Europe mailing list. Having worked with both popular and less common flavours of Unix he is comfortable working in any heterogeneous networking environment and his knowledge also includes esoteric operating systems such as Guardian/NSK. Arrigo is co-inventor in an EU patent for a high-performance distributed IDS design, and has written on a variety of security topics. Recent work includes web research into IDS deployment on IPv6, firewall verification using IDS, and distributed concept virii.

Name: Jess Garcia
Title: Faculty Member
Most Advanced Degree: M.Sc. in Telecommunications Engineering, Univ. Politecnica de Madrid
Field of Experience: Security. See details below.
Courses: SEC 503 Intrusion Detection in Depth, 505 Securing Windows, SEC 508 System Forensics, Investigation and Response, and other courses.

Jess Garcia is a senior independent security consultant specializing in Forensics, Intrusion Detection & Prevention, Security Architecture, Perimeter Security, Honeypots, etc. Jess served for 10 years as a system, network and security engineer for the Spanish National Aerospace Institute (INTA), where he collaborated as a security expert with other space agencies (ESA, NASA) and international government, research, educational and commercial organizations. Jess holds a M.Sc. in Telecommunications Engineering from the Univ. Politecnica de Madrid, and he is a frequent speaker at international events. Jess has authored the book Securing Solaris 8 & 9 Using the Center for Internet Security Benchmark, has contributed to some others, including diverse SANS Courseware, and is the author of a number of security standards for the Spanish administration.

Name: Matthew Luallen
Title: Faculty Member
Most Advanced Degree: M.S., Computer Science, National Tech University.
Field of Experience: Security. See details below.
Courses: SEC 401 Security Essentials, SEC 617 Assessing and Securing Wireless Network Security, and other courses.

Matt Luallen is a well-respected professional with a unique background encompassing several facets of information assurance and content delivery systems surrounding business logic. Mr. Luallen also serves as the President and Principal Consultant of Sph3r3, LLC. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. He has extensive consulting experience within the governmental and commercial sectors including a multi-client base of corporations, financial institutions and healthcare organizations.

Name: Ron Ritchey
Title: Faculty Member
Most Advanced Degree: Ph.D., Information Technology, George Mason University's School of Information Technology and Engineering; Masters, Computer Science, George Mason University
Field of Experience: Security. See details below.
Courses: AUD 507 Auditing Networks, Perimeters & Systems

Mr. Ritchey is an authority in the areas of secure network design and network intrusion and regularly leads penetration testing efforts for Booz Allen Hamilton where he has had the opportunity to learn first-hand the real-world impact of network vulnerabilities. He is also an active researcher in the field with peer-reviewed publications in the area of automated network security analysis and is one of the co-authors of the recently released Inside Network Perimeter Security book published by New Riders in association with the SANS Institute. Mr. Ritchey has authored courses on computer security that have been taught across the country and periodically teaches masters level courses on computer security. Mr. Ritchey holds a Ph.D. in Information Technology from George Mason University's School of Information Technology and Engineering, and a Masters Degree in Computer Science from George Mason University. His doctoral research involved automating network security analysis.

Name: Richard Salgado
Title: Faculty Member
Most Advanced Degree: J.D., Law, Yale Law School
Field of Experience: Legal Issues. See details below.
Courses: SEC 508 System Forensics, Investigation, and Response, and other courses

Richard P. Salgado is a Senior Corporate Counsel with Yahoo! Inc., where he focuses on international privacy, security and law enforcement compliance matters. Prior to joining Yahoo!, Mr. Salgado served as Senior Counsel in the Computer Crime and Intellectual Property Section of the United States Department of Justice. As a federal prosecutor, Mr. Salgado specialized in investigating and prosecuting computer network cases, such as computer hacking, illegal computer wiretaps, denial of service attacks, malicious code and other technology-driven privacy crimes. Mr. Salgado also regularly speaks on the legal and policy implications of searching and seizing computers and electronic evidence, emerging surveillance technologies, digital evidence and related criminal conduct. In 2005, Mr. Salgado will join Stanford Law School as a legal lecturer on Computer Crime; he previously served as an adjunct law professor at Georgetown University Law Center and George Mason Law School, and as a faculty member of the National Judicial College. Mr. Salgado graduated magna cum laude from the University of New Mexico and in 1989 received his J.D. from Yale Law School.

Name: Glen Sharlun
Title: Faculty Member
Most Advanced Degree: Masters, Information Tech Management, Naval Postgraduate School
Field of Experience: Security
Courses: MGT 414, MGT 512, AUD 411

Glen started his career in the literal trenches as a leader of Marines and has since transitioned that ethos to the 'trenches' of enterprise network and security operations. Having experience building a policy, consulting and audit practice, leading the global monitoring, response and forensic team, establishing an active audit (Red Team) capability, Glen finished this career as Commanding Officer (CISO), Network Defense, U.S. Marine Corps. Glen is currently the Vice President of Customer Success at ArcSight, focused on delivering the best-practices in people, process and technologies of ArcSight's network management and security operations solutions, to its customers. Glen is a graduate of the U.S. Naval Academy and the Naval Postgraduate School (MS, Information Systems Management) and has attained & instructed numerous certifications from ISC2, SANS and the National Security Agency.

Name: Raul Siles
Title: Faculty Member
Most Advanced Degree: Masters, Computer Science from UPM (Spain) and a postgraduate in Security and E-commerce
Field of Experience: Security. See details below.
Courses: SEC 617 Assessing and Securing Wireless Network Security, 508 Systems Forensics, Investigation and Response, SEC 504 Hacker Techniques, Exploits and Incident Handling, SEC 503 Intrusion Detection In-Depth, SEC 505 Securing Windows, SEC 615 LAMP - Secure Internet Presence

Raul Siles is a senior security consultant with Hewlett-Packard. He has implemented numerous security solutions in various industries. Raul's expertise includes security architectures design, penetration tests, incident response, forensic analysis, system and network security assessments and hardening, intrusion detection and information security management. He is one of the few individuals who have earned the GIAC Security Expert (GSE) designation and also holds other SANS/GIAC certifications. Raul is also a SANS course author and instructor. He is a frequent security speaker, has authored a TCP/IP security book and contributed to several security articles, reviews and research projects. He is a member of the Spanish Honeynet Project and loves security challenges. He holds a Masters degree in Computer Science from UPM (Spain) and a postgraduate in Security and E-Commerce.

Name: John Fitzgerald
Title: Heads European, Middle East, Africa (EMEA) Division of Faculty.
Most Advanced Degree: M.B.A., Harvard Business School, Bachelor of Engineering, National University of Ireland.
Courses: Heads European, Middle East, Africa (EMEA) Division of Faculty

Name: Steve Slater
Title: Faculty Member
Most Advanced Degree: Ph.D. and M.S., Nuclear Engineering, University of California - Berkeley.
Field of Experience: Security. See details below.
Courses: SEC 615 - LAMP - Secure Internet Presence

Steve Slater is a SANS courseware author and founder and president of NetSight Consulting, an Information Security solution provider in the San Francisco Bay Area. Over the past 10 years, Steve has provided a range of expert services including secure firewall and application design, vulnerability assessments, threat management, security policy, and regulatory compliance. In addition to security, Steve also holds a PhD in Nuclear Engineering from UC Berkeley and has several publications relating to high-performance computing and advanced numerical analysis. His scientific expertise earned the recognition of both the National Science Foundation and the Department of Energy.

Name: Randy Marchany
Title: Faculty Member
Most Advanced Degree:Master of Science MSEE, Computer Engineering, Virginia Polytechnic and State University: B.S., Computer Science, Virginia Polytechnic Institute and State University
Field of Experience: Security. See details below.
Courses: AUD 507 Auditing Networks, Perimeters and Systems, SEC 401 Security Essentials, SEC 504 Hacker Techniques, Exploits and Incident Handling

Randy is the Director of VA Tech's IT Security Laboratory and the University's Assistant IT Security Officer. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident Response: Step-by-Step guides. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. He was a member of the White House Partnership for Critical Infrastructure Security working group that developed a Consensus Roadmap for responding to the DDOS attacks of 2000.

CERTIFIED INSTRUCTORS - SANS Technology Institute:

Name: Tanya Baccam
Title: Certified lnstructor
Most Advanced Degree: B.S. Dordt College, 3 Majors: Management Information Systems, Business Administration, and Accounting. Five years of credits.
Field of Experience: Security Services. See details below.
Courses: SEC 507 Auding Networks, Perimeters and Systems, SEC 509 Securing Oracle, and other courses

Tanya is a SANS instructor, as well as a SANS courseware author. She also provides many security consulting services for clients such as system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. She has previously worked as the Director of Assurance Services for a security services consulting firm, as well as being the Manager of Infrastructure Security for a healthcare organization. She also served as a Manager at Deloitte & Touche in the Security Services practice. Throughout her career, she's consulted with many clients about their security architecture including areas such as perimeter security, network infrastructure design, system audits, web server security and database security. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.

Name: George Bakos
Title: Certified Instructor
Most Advanced Degree: Many credits in Computer Science, Science, and English Science
Field of Experience: Intrusion Detection. See details below.
Courses: SEC 401 Security Essentials, SEC 502 Firewalls, Perimeter Protection, and Virtual Private Networks, SEC 503 Intrusion Detection In-Depth, SEC 504 Hacker Techniques, Exploits and Incident Handling.

George is the senior security expert at Dartmouth College's Institute for Security Technology Studies (ISTS) where he researches cyber-terrorism and infrastructure protection technologies. His current efforts focus primarily on intrusion detection and large-scale early warning systems in support of the National Institute of Justice's Office of Science and Technology. Before coming to ISTS, George was a security engineer at Electronic Warfare Associates. This position involved audits, penetration tests, policy review and security engineering/implementations for government and commercial clients. He developed and taught the U.S Army National Guard's CERT technical curriculum and ran the NGB's Information Operations Training and Development Center research lab for two years, fielding and supporting Computer Emergency Response Teams (CERTs) nationwide. Outside the lab, George enjoys the beauties of his home state, Vermont, through skiing, ice and rock climbing, and mountain biking.

Name: Chris Brenton
Title: Certified Instructor
Most Advanced Degree: Electrical Engineering Courses at North Eastern in Boston
Field of Experience: Security, Incident Handling. See details below.
Courses: SEC 502 Firewalls, Perimeter Protection and Virtual Private Networks

Chris is an independent consultant who has authored many books including Mastering Network Security, Mastering Cisco Routers, and Active Defense: A Comprehensive Guide to Network Security. Chris is the lead author for the SANS Firewalls, Perimeter Protection and VPNs course. He also maintains courseware in the advanced Audit course in addition to being a SANS Instructor and a lead incident handler for SANS Internet Storm Center.

Name: Guy Bruneau
Title: Certified Instructor
Most Advanced Degree: B.A. in Information Technology, University of Quebec
Field of Experience: Security. See details below.
Courses: SEC 503 Intrusion Detection In-Depth

Guy is a Senior Security Consultant with IPSS Inc. in Ottawa, Ontario. He works within IPSS Inc. security practice assisting clients with their Managed Security Services, Computer Intrusion Detection Operations and Deployment, Network Security Auditing, and Incident Response and Reporting. Guy has a B.A. (IT) from University of Quebec and holds the GIAC GSEC, GCIA, GCIH, GCUX certifications and is a Sun Certified System Administrator. He has been a SANS instructor, Mentor and now a Stay Sharp instructor. He is the author of the OS hardened Shadow/Snort IDS platform based on NSWCs Shadow version 1.8 where the ISO is freely available at: http://www.whitehats.ca. In his spare time, he has worked as a Technical Reviewer for New Rider, QUE Certification and SANS.

Name: Jim Herbeck
Title: Certified Instructor
Most Advanced Degree: B.A., Major in Computer Science and Minor in Business Administration, University of Iowa
Field of Experience: Computer Science. See details below.
Courses: AUD 507 Auditing Networks, Perimeters, and Systems, SEC 401 Security Essentials, SEC 508 Systems Forensics, Investigation and Response.

Jim has spent over 20 years working with information systems in commercial, government, academic and research settings, including MIT Project Athena, HHMI/Harvard University, Motorola, and Sandia National Laboratories. He received a computer science degree from the University of Iowa and has been an adjunct professor for the Computer Science Department at the University of New Mexico. Jim holds the CISSP and GCUX certifications. In addition to being a SANS instructor, he's an independent consultant living in Europe.

Name: David Hoelzer
Title: Certified Instructor
Most Advanced Degree: B.S. in Information Technology, Summa Cum Laude.
Field of Experience: Intrusion Detection and Auditing. See details below.
Courses: SEC 503 Intrusion Detection in Depth, SEC 504 Hacker Techniques, Exploits, and Incident Handling, AUD 507 Auditing Networks, Perimeters and Systems, Audit 410 IT Security Audit and Control Essentials, Audit 411 SANS 17799 Security and Audit Framework, and other courses.

David Hoelzer, Director of Consulting for Cyber-Defense (www.cyber-defense.org), is a high scoring SANS instructor and expert in the fields of intrusion detection, firewalls, incident handling, information security auditing, and secure infrastructure management. While he is currently serving as the adjunct Director of Site Security for SANS, he has in the past served as the Director of the GIAC Certification program for SANS, bringing the GIAC Security Expert certification to life; he continues to serve as the primary exam author for several of SANS' most challenging certifications. David is a Research Fellow in the Center for Cybermedia Research; and also a Research Fellow for ITFF/ROC (Identity Theft and Financial Fraud Research Operations Center. David is an adjunct research associate of the UNLV Cybermedia Research Lab and a Research Fellow with the Internet Forensics Lab. David holds a BS in IT, Summa Cum Laude.

Name: Mark Hofman
Title: Certified Instructor
Most Advanced Degree: B.S., Major in Computing, Minor in Management, Northern Territory University.
Field of Experience: Security. See details below.
Courses: AUDIT 411 SANS 17799 Security and Audit Framework, SEC 401 Security Essentials

Mark started in security in the early 90's. He has worked for state and federal government as well as the private sector and is currently working as a security consultant for Shearwater Solutions. He has been involved in many aspects of security ranging from the development of security plans and policies to AS/NZS 7799 work to designing and implementing security solutions. He has been teaching summer and winter school at a Sydney University and is currently working on a number of projects. He holds professional certifications including CISSP and GCFW.

Name: Rob Lee
Title: Certified Instructor
Most Advanced Degree: B.S. Space Operations Engineering, U.S. Air Force Academy, 1996.
Field of Experience: Forensics. See details below.
Courses: SEC 508 System Forensics, Investigation, and Response.

Rob Lee is a member of ManTech's Computer Forensics & Intrusion Analysis Division that provides advanced computer forensics and intrusion operations support to the national security and intelligence communities. He works for commercial and government clients, providing incident response, forensics, intrusion detection, vulnerability analysis, and specialized R&D. Rob is a graduate of the U.S. Air Force Academy. He served in the U.S. Air Force performing intrusion detection while at the 609th Information Warfare Squadron. As a member of the Air Force Office of Special Investigations he performed network wiretaps, computer forensics, and conducted computer crime intrusion investigations. Rob regularly assists the Honeynet Project and coauthored the bestselling book, Know Your Enemy, 2nd Edition.

Name: Michael Murr
Title: Certified Instructor
Most Advanced Degree: B.S., Major in Computer Science, Minor in Mathematics, California State University at Channel Islands
Field of Experience: Forensics. See details below.
Courses: SEC 508 Systems Forensics, Investigation and Response, SEC 504 Hacker Techniques, Exploits and Incident Handling

Michael has been a forensic analyst with Code-X Technologies for over 4 years, and has conducted numerous investigations and computer forensic examinations. Michael has Mentored SANS Security 504 (Incident Handling and Computer Hacker Techniques), SANS Security 508 (System Forensics, Investigation, and Response), has led SANS@Home courses and is a member of the GIAC Advisory Board. Currently, Michael holds the GCIH, GCFA, and GREM certifications and is pursuing degrees in Computer Science and Mathematics at California State University at Channel Islands.

Name: Becky Pinkard
Title: Certified Instructor
Most Advanced Degree: B.A., Psychology, Texas A & M University
Field of Experience: See details below
Courses: SEC 401 Security Essentials

Becky has worked in the information technology industry for over 10 years. She is currently a senior security manager with a Fortune 20 company where she is lucky enough to work with security technology on a daily basis. She has written and edited course, test, and lab material for SANS. Becky is a SANS Certified Instructor and has taught for the SANS Institute since 2001. She has participated as a GIAC GCIA advisory board member and on the Strategic Advisory Council for the Center for Internet Security (http://www.cisecurity.org/). She is a co-author of the Syngress book, Intrusion Prevention and Active Response, Deploying Network and Host IPS. Additionally, Becky has setup enterprise intrusion detection systems, designed patch, vulnerability and firewall strategies, performed security audits and assessments, worked forensics cases, and developed security awareness training in small and large environments. This background is rolled into her teaching style and helps give students that unique SANS experience and advantage.

Name: Mike Poor, Intrusion Detection
Title: Certified Instructor
Most Advanced Degree: Undergraduate Diploma, Combat Journalism, Brazilian Military War College.
Field of Experience: Intrusion Detection, Response, and Mitigation. See details below.
Courses: SEC 503 Intrusion Detection in Depth, SEC 504 Hacker Techniques, Exploits, and Incident Handling.

Mike is a founder and Senior Security Analyst for the DC firm Intelguardians LLC. In his recent past life he has worked for Sourcefire, as a research engineer, and for SANS leading their Intrusion Analysis Team. As a consultant, Mike conducts forensic analysis, penetration tests, vulnerability assessments, security audits and architecture reviews. His primary job focus however is in intrusion detection, response, and mitigation. Mike currently holds both GSEC and GCIA certifications and is an expert in network engineering and systems, network and web administration. Mike is an author of the international best selling Snort 2.1 book from Syngress, and is a Handler for the Internet Storm Center.

Name: William Stearns
Title: Certified Instructor
Most Advanced Degree: B.A., Math, University of Vermont
Field of Experience: Security. See details below.
Courses: SEC 502 Firewalls, Perimeter Protection, and Virtual Private Networks, SEC 506 Securing Unix/Linus

Bill is a Senior Research Engineer at Dartmouth's Institute for Security Technology Studies, working on Honeypot development and other network security projects. He is a content author and faculty member at SANS. His background is in network and operating system security; he was the chief architect of a commercial firewall and is an active contributor to the Linux development effort. His spare time is spent coordinating and maintaining an antispam blacklist. Bill's articles and tools can be found in SysAdmin magazine, online journals, and at http://www.stearns.org.

Name: James Tarala
Title: Certified Instructor
Most Advanced Degree: B.S., Linguistics, Philadelphia Biblical University. He is currently enrolled at University of Maryland in Computer Science Management focusing on Information Assurance. He will be done with masters certificate at the end of this semester, in December 2006, and the full degree the following December 2007.
Field of Experience: Security and Audit. See details below.
Courses: SEC 401 Security Essentials, All AUDIT, SEC 617 Assessing and Securing Wireless Network Security.

James currently works with Bon Secours Healthcare System, Inc. and is responsible for many of the HIPAA related initiatives within that organization. He is also responsible for implementing and maintaining authentication systems and serves as a lead on their information assurance, auditing, and emergency response teams. He works with SANS as a courseware author and instructor and spends a large part of his time performing information security audits and providing consulting services to various government and healthcare organizations.

Name: Joshua Wright
Title: Certified Instructor
Most Advanced Degree: B.S., Information Science, Johnson and Wales University in Providence, Rhode Island.
Field of Experience: Security. See details below.
Courses: Legal Courses

Joshua is the author of several papers on wireless security and intrusion analysis, and the co-author of Securing Cisco Routers: Step-by-Step, a book published by SANS. In a consulting role, he has worked with Fortune 500 companies, federal agencies, and educational institutions addressing issues related to wireless security, vulnerability assessment, and secure network design. He currently serves as the senior security researcher for Aruba Wireless Networks and is an instructor for SANS.

“SANS provides top instructors; that is what separates SANS from all other learning opportunities.” Todd Greenlaw, Telus

The SANS Technology Institute

Faculty

Version 1.3

FACULTY - SANS Technology Institute

CERTIFIED INSTRUCTORS - SANS Technology Institute:

“SANS provides top instructors; that is what separates SANS from all other learning opportunities.”
Todd Greenlaw, Telus