Mark Baggett

Mark Baggett's first foray into information security was on the receiving end of hacking, and he was amazed by the experience. "The hackers made my computer do stuff that I didn't think was possible," he says. "It was like magic and I had to know how the trick was done." He immediately became obsessed with understanding all the tricks, how they worked, and how to prevent them from happening again.

Fast forward to today and Mark's infosec career spans nearly 30 years with 15 of those years spent teaching for SANS. Mark is currently a senior instructor for SANS and an independent consultant through his company Indepth Defense providing forensics, incident response, and penetration testing services. Mark has also served as the technical advisor to the DoD for SANS since 2011, where he assists various government organizations in the development of information security capabilities.

Mark still finds information security as fun as the first day he discovered it, and feels that learning about information security should be fun too. "I really want the students to enjoy their classroom experience and look forward to learning skills that will make them more effective information security professionals," he says. And Mark stays busy in the SANS classroom teaching SEC573: Automating Information Security with Python; SEC560: Network Penetration Testing and Ethical Hacking; SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling; and The Essentials of Automating Information Security with Python.

As an instructor, Mark's enjoyment of information security is infectious and his favorite moments are when students solve complex problems they thought were beyond their capability at the beginning of the week. "When students learn how to code and how to apply it to their day jobs it changes their lives forever," he says.

"It is my goal to meet the student where his or her current skill level is and move them forward," says Mark, noting that his most successful students are those who are honest about where their skills are and willing to put in the work to improve. "I'll promise to give them the resources and assistance they need in a way that is both entertaining and judgement-free."

Mark recalls a recent interaction with an SEC573 student that demonstrates the growth potential SANS courses provide. "A student came up to me in class and shared that he had taken 4 years of college courses and 4 months of military training, and he hated programming and really wasn't looking forward to sitting in SEC573 for a week with me," recalls Mark. "But after only four days I had changed his mind about programming. It was fun! He was enjoying the challenges instead of dreading them and said he'd learned more about how to actually use his skills in real world scenarios in 4 days than in all those years of prior training."

Mark sees information security as the evolution of information technology challenges, moving from making computers do what they're supposed to do to getting computers to do what they aren't supposed to do. Something that requires constant learning. "Hacker techniques are constantly changing and in a few cases evolving. When I stop learning, I stop being effective," says Mark.

One of Mark's most challenging and fulfilling roles was working as the chief information security officer for a midsized media company. "I've always been committed to maintaining a high level of technical proficiency and expertise. Being able to use that in an executive position while leading a talented team, educating my peers on the board, setting strategy, and working to secure the organization was extremely challenging but very fulfilling."

Mark has a master's degree in information security engineering and is the 15th person in the world to receive the prestigious GIAC Security Expert certification (GSE). He also holds GPYC, GXPN, GPEN, GCIA, GCIH, GSEC, GWAPT, and GCPM certifications.

An active participant in the information security community, Mark is the founding president of The Greater Augusta Information Systems Security Association (ISSA) chapter which has been extremely successful in bringing networking and educational opportunities to Augusta information technology workers. He's also co-founder of the BSidesAugusta Information Security Conference, and has written a number of articles on information security topics.

Summary of Credentials:

Qualifications Summary

Get to Know Mark Baggett

Student Quotes

"Mark's teaching style is very relevant and sets an atmosphere where you are excited to learn." - Jeff Turner, Lexis Nexis Risk Solutions


  • GSE Number 15 (GIAC Security Expert)
  • GPYC (GIAC Python Coder)
  • GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
  • GPEN (GIAC Certified Penetration Tester)
  • GCIA (GIAC Certified Incident Analyst)
  • GCIH (GIAC Certified Incident Handler)
  • GSEC (GIAC Security Essentials)
  • GWAPT (GIAC Web Application Penetration Tester)
  • GCPM (GIAC Certified Project Manager)