Christopher Crowley is the course author for SANS Management 517 - Managing Security Operations and SANS Management 535 - Incident Response Team Management.
Chris holds several industry certifications including the GSEC, GCIA, GCIH (gold), GCFA, GPEN, GMOB, GASF, GREM, GXPN, and CISSP.
His teaching experience includes FOR585, MGT517, MGT535, SEC401, SEC503, SEC504, SEC560, SEC575, and SEC580; Apache web server administration and configuration; and shell programming. He was awarded the SANS 2009 Local Mentor of the year award. "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities." Mr. Crowley spends his spare time mountain biking, rock climbing and savoring epicurean treats.
Hear Christopher teach about Threat Hunting in Security Operation here.
“I'm simply amazed at the instructor’s vast knowledge and experience. But most importantly, his expert ability to articulate the material across the spectrum – from simple to complex – in what appears to be effortless for him. My favorite Einstein quote is, "If you can't explain it simply, then you don't know it well enough." The instructor, Christopher Crowley, obviously knows how to explain ANY topic simply. The result was enabling me to focus on what was being presented and to absorb the enormous volume of information in a short period of time. His warm demeanor and wit was also much appreciated. He is truly a consummate professional who is unquestionably dedicated to his students. Thank you for an incredible experience!” - Former Student
ADDITIONAL CONTRIBUTIONS BY CHRISTOPHER CROWLEY:
Paul's Security Weekly #529 - Mobile Application Assessment with Chris Crowley
Excellent Architecture - Avoid Common Mistakes in Security Operations with Chris Crowley
Vampirism and the Donut Economy by Chris Crowley
Preventing Runtime Exploits: The SANS Implementation Guide for RunSafe Security’s Alkemist, August 2020
Force Multiplier: How we use SOAR to maximize our own SOC analyst efficiency while minimizing fatigue and burnout, July 2020
The Essential Top SOAR use cases, July 2020
Mobile Assessments: Attack Surface and Frameworks, May 2020
Empower Your Security Team with Approachable Threat Intelligence, March 2020
Threat Actor Analysis and Strategic Security Investments, February 2020
SANS Automation & Orchestration Solutions Forum, January 2020
Hiring and retaining for the SOC: Recruit, Train, and Retain Talented and Dedicated Staff, November 2019
Common and Best Practices for Security Operations Centers: Panel Discussion, July 2019
How To Increase MITRE ATT&CK Coverage with Network Traffic Analysis, June 2019
SANS Automation & Integration Security Briefing: SOARing to New Heights - Using Orchestration & Automation Tools in the Way They're Intended, February 2019
An Evaluator's Guide to Next-Generation SIEM, December 2018
SANS Security Operations Center Briefing: Knowledge Retention, Staff Training, Automation & Operationalization 2018, November 2018
How Network Traffic Analytics Eliminates Darkspace for the SOC, August 2018
Fundamentals of Security Operations, July 2018
Walk, Run, Fly: Key Characteristics of Attaining an Advanced SOC Best practice tips on how to enter the advanced SOC dimension, February 2018
Use Case Development for Security Operations, January 2018
What Your SecOps Team Can (and Should) Do