Kevin Fiscus

Kevin Fiscus is an information security expert with over 27 years of IT experience, more than half of which has been focused exclusively on information security. He is the founder and lead consultant for Cyber Defense Advisors where he performs security and risk assessments, vulnerability and penetration testing, security program design, policy development, and security awareness. An instructor since 2004, Kevin has taught many of SANS's most popular courses including SEC401, SEC464, SEC503, SEC504, SEC542, SEC560, SEC561, SEC575, FOR508, and MGT414. On top of this, Kevin is GSE #36.

Watch Kevin on his Cyber Deception YouTube channel, Take Back the Advantage.

More About Kevin


Kevin pursued a career in information security in 1994 after reading an article about someone who got paid to break into government and fortune 100 networks. It fascinated him. After researching a bit, he realized the skill it must take to not only compromise these systems, but, even more so, defend a computer network from attack.

He says, "I believe that information security is one of the most important endeavors in today's society as virtually every aspect of our society is affected by cyber security threats. I want to do my part to ensure that risks can be reduced and that defenders have as much knowledge and as many tools at their disposal as possible."

Kevin became a SANS instructor in 2004 to provide this knowledge and these tools to security practitioners using the experience he's gained over the years. In the classroom you'll find him teaching SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC560: Network Penetration Testing and Ethical Hacking. He notes that some of his favorite moments from the classroom are, "Watching the 'light' turn on after a student who was having difficulty grasping a topic finally 'gets it'."

Kevin currently holds several security certifications and is proud to have earned the top information security certification in the industry, the GIAC Security Expert. He has also achieved the distinctive title of SANS Cyber Guardian for both red team and blue team. Kevin has taught many of SANS's most popular classes including SEC401, SEC464, SEC503, SEC504, SEC542, SEC560, SEC561, SEC575, FOR508, and MGT414.



Using Deception Technologies to Defend Against Active Directory and Ransomware Attacks, April 2020

Detecting the Deceivers through Deception, April 2020

Take Back The Advantage - Cyber Deception for the Win, April 2020

Which SANS Pen Test Course Should I Take? SEC560 Edition, June 2018