Stephen Sims

Stephen Sims began working on computers at a young age with a fellow enthusiast: his father. Amazed by how easy it was to change an application's intended behavior, Stephen was quickly hooked. Today, he's an industry expert with over 15 years of experience in information technology and security.

Stephen has worked for Wells Fargo, Charles Schwab, and CSC, and is now a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit development, threat modeling, secure coding, and more, giving him ample opportunity to use his skills in a variety of ways. "You will never know everything in this field and there are so many directions one can take," he says. "If you ever get bored with an area in security you can change over to a hundred other exciting roles."

Shortly after launching his career, Stephen set the goal of becoming a SANS instructor. After attending a SANS training in 2003, he was blown away by the knowledge and presentation skills of the instructor. "SANS also gives so much back to the community through immersion programs and scholarships to veterans and underrepresented groups," says Stephen. "I set becoming a SANS instructor as a goal of mine and went after it."

Stephen became a SANS instructor in 2006, and today is curriculum lead for SANS Penetration Testing and SANS Cyber Defense and faculty fellow for the SANS Institute. He authored SANS' only 700-level course, SEC760: Advanced Exploit Development for Penetration Testers, which concentrates on complex heap overflows, patch diffing, and client-side exploits. And he's the lead author of SEC660: Advanced Penetration Testing, Exploits, and Ethical Hacking. In the classroom, you'll find him teaching these courses along with SEC401: Security Essentials Bootcamp Style and SEC501: Advanced Security Essentials - Enterprise Defender.

As an instructor, Stephen enjoys watching his students work through a problem to completion, either on their own or in collaboration with another student. "You learn a lot more when you work hard to solve a complex problem without asking for assistance," he says, noting that you should never be afraid to ask for help when you need it. "Sometimes we all need a little nudge in the right direction, but it's always best to exhaust all possibilities first."

Stephen says his most successful students are ones who come to class well-rested and with an open mind. "Be prepared to have to work through solutions and spend additional time after class is over to go back through in order to absorb all of the material," he says.

Stephen is the 9th person in the world to receive the prestigious GIAC Security Expert certification (GSE). He is a Certified Information Systems Auditor (CISA) and certified Immunity Network Offense Professional (Immunity NOP), along with many other certifications.

An author of the Gray Hat Hacking book series, Stephen holds a master's degree in information assurance from Norwich University. A frequent presenter, Stephen has spoken at RSA USA for the past five years and was keynote speaker for the 2019 event. He's also presented at OWASP AppSec, BSidesCharm, AISA, and more. When he's not working, you'll find him hitting the slopes on his snowboard and writing music.

Summary of Credentials

  • GSE Number 9 (GIAC Security Expert)
  • CISA (Certified Information Systems Auditor)
  • CISSP (Certified Information Systems Security Professional)
  • Immunity NOP (Immunity Network Offense Professional)

Student Quotes

  • "Looking at everything I have learned from Stephen, I definitely feel I have gained an edge when it comes to the augmentation of my pentest skills. He made the impossible understandable and I am grateful for that." - Alexander Cobblah, Booz Allen Hamilton