Profile
Andrew Laman has over 25 years’ experience in information technology and security covering many jobs: help desk, sysadmin, network engineer, and security analyst (performing both red team and blue team functions). In addition to technical roles, he’s held leadership positions from team lead to senior leadership roles including AVP of IT security and infrastructure. Andrew had the opportunity to work in many different industries and in locations throughout most of the world.
In 2014, while studying for his SEC503 recertification exam, he found a typo in one of the labs: a missing comma from a Snort config. After reporting it to the course author, Judy Novak, they started a wonderful friendship. Judy allowed him to help test new labs, eventually leading to him writing course content and labs for SEC503. As they worked together, Judy encouraged and supported him becoming an instructor. She recognized how much he enjoyed mentoring and training teams and knew his love for packets would be a great fit for instructing SEC503.
Andrew has always loved mentoring, teaching and sharing knowledge, especially about packets, but SEC503 is about much more. He enjoys working on developing critical thinking and analysis skills that help in almost all areas of security and IT.
Andrew is the founder and principal consultant at A4 InfoSec, an independent consulting firm with services focusing on monitoring, detection, and incident response, as well as a SANS Senior Instructor and course contributor for SEC503: Network Monitoring and Threat Detection In-Depth. He is a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.
Andrew has earned a number of certifications, including GSE, GCIH, GCIA, GSNA, GCFA, GPEN, GAWN, GXPN, GREM, GMOB, GNFA, GSEC, GMON, GCUX, GCDA, GPYC, GRID, and CISSP.
When not crafting or manipulating packets, Andrew is an outdoor enthusiast usually attempting to keep his wife from getting lost up some mountain.
Watch Andrew present at the SANS Blue Team Summit
WEBCASTS
- ICMP: a world beyond ping, June 2020
- Current State of Vulnerability Management: Part 1 of the SANS Vulnerability Management Survey Results, April 2019
BLOG