Profile
David Mashburn started out in a non-IT career path, but with his aptitude for computers, he ended up staying immersed in technology. He moved into a technical role, and then followed a fairly typical IT career progression, from Help Desk to System Administration. Along the way, he picked up networking, and that was when he first got introduced to security. He really loved the idea of defending systems and networks, and while he continued to learn in other areas such as databases and development, he had that interest in security that really drove how he viewed those topics.
After getting this wide and in some areas deep experience in multiple IT disciplines, he pivoted over to focusing on security full-time. That path, he felt, really helped to make him more effective as a security practitioner, since he can see things from the security perspective, and also speak and understand the language of other technology arenas.
David finds the idea of working as a defender very appealing, to keep his company and customer data safe. That is a clear mission, and he accepts that it is a challenge to make that happen given the broad attack surface and the constant efforts by adversaries to mount attacks. Companies don't exist for the sake of security, but most companies would not be able to function without information security. He likes to think of his role as making sure his company can do what it is supposed to do.
Presently, David is a SANS Certified Instructor, CISO at Embry-Riddle Aeronautical University, and co-author of SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis. He is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition. David enjoys being able to work with data and logs at an enormous scale, investigate and triage security incidents constantly, and work in a very complex, fast-paced environment. Previously, David worked in many other organizations, ranging from early-stage start-ups to non-profits to government. That broad view of different companies helps David relate to almost any work environment for a student, as he’s likely experienced something similar to what they deal with in their professional roles. David thinks this ability to relate to students and share his own experiences that may be relevant to them, really makes him an effective instructor, since they can speak that common language and see how the material that he teaches at SANS can be applied to their own environments, since he has "been there, done that" throughout his career.
David has a Master of Science in Computer Science from Johns Hopkins University, and holds several security-related certifications, including GIAC GSE (#157), GOSI, GNFA, GMON, GCFA, GCDA, GWAPT, GXPN, GCIA (Gold), GPEN, GCIH, and GSEC.
Beyond the classroom, David enjoys coaching (competitive swimming), Martial arts, and playing baseball.
Watch David present at the SANS Blue Team Summit
PUBLICATIONS
NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk
Threat Hunting 101: Not Mission Impossible for the Resource-Challenged
WEBCASTS