Profile
Curiosity wins the day! That is Mike Pilkington's teaching philosophy, because from his perspective, you have to be inspired and excited about solving difficult cases if you want to be great at forensics. As Mike says, "you have to be willing to search for the answers that others can't or won't find." Mike's infectious enthusiasm for digital forensics comes through in his work, in his classes, and in his day-to-day life. It's clear that his hobby and his job are one in the same.
Before joining SANS full-time, Mike led the US incident response team and the global internal investigations forensics team at Shell. Prior to Shell, Mike had several roles in IT at Halliburton, including senior incident responder for the last several years of his tenure there. Mike's core responsibilities were responding to malware and intrusion cases, leading various enterprise DFIR tooling projects, and consulting with internal groups on security reviews and initiatives.
Over the years, Mike has accumulated a broad range of technical expertise, having spent significant time performing software quality assurance, Windows systems administration, LAN and WAN network administration, firewall and IDS/IPS security administration, computer forensic analysis, and incident response. As a forensic analyst, he worked HR investigations, including cases involving intellectual property theft, inappropriate use of the Internet, employee hacking, IT administrator privilege abuse, and illegal downloading of copyrighted materials. Mike is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.
Mike holds a bachelor's degree in mechanical engineering from the University of Texas, as well as numerous IT security certifications.
- Deep background in corporate cybersecurity
- SANS instructor since 2008
- Professional qualifications: GCFA, GCFE, GNFA, GREM, GCTI, EnCE, CISSP
Get to Know Mike Pilkington:
- Mike's DFIR articles are available at https://digital-forensics.sans.org/blog/author/mpilkington
- Mike co-authored the SANS Forensics "Find Evil" and "Hunt Evil" posters
- Mike created an example forensics report for SANS FOR500 students (available upon request)
- In addition to regularly presenting six-day SANS forensics classes, Mike's additional speaking engagements include the SANS DFIR Summit, SANS conferences, MIRcon, ISSA, and HTCIA
Listen to Mike discuss Privileged Domain Account Protection: How to Limit Credentials Exposure in this SANS webcast.