Karim Lalji

Learn IT and Cybersecurity with Karim, an experienced professional with over 15 years in the field. Currently serving as the North America Penetration Testing Lead for a global professional services firm, Karim specializes in offensive security. Leading a team focused on penetration testing, red teams, purple teams, and adversary simulations, he brings practical insights from diverse projects across federal governments, financial institutions, police forces, energy sectors, and Fortune 500 companies. Benefit from Karim's wealth of real-world experience as you delve into the intricacies of offensive operations, gaining a solid foundation in this vital field.

Karim holds 10 GIAC certifications, including the prestigious GIAC Security Expert (GSE) and is a proud alumnus from the Masters of Science in Information Security Engineering (MSISE) at the SANS Technology Institute.

More About Karim


Prior to joining SANS as an instructor, Karim spent several years teaching university classes to undergraduate students in subjects such as network exploitation and attacks, penetration testing with Kali Linux, and cybersecurity foundations. He has spoken at security conferences, recorded podcasts, and published research papers on the SANS reading room.

Karim considers himself a lifelong learner and has presented security related subject matter to various target audiences ranging from junior technical team members up to C-Suite executives. Karim is very passionate about all things security and enjoys sharing his experiences with others.



SANS@MIC: Why So Serious? Insecure Object Deserialization Demystified


The Cyber Wire Research Saturday Podcast – Like anything these days, you have to disinfect it first


Real-Time Honeypot Forensic Investigation on CyberBunker, a Darknet Organized Crime Network

Fear of the Unknown: A Meta-Analysis of Insecure Object Deserialization Vulnerabilities