Leading a SANS SEC504: Hacker Techniques Mentor class starting in July

To those in the DFW area (or those who know someone in the area), I will be conducting a SANS Security 504: Hacker Techniques, Exploits & Incident Handling Mentor class beginning in July.

Running over ten sessions, students are able to train with SANS at a pace designed to allow more time to absorb the course content while not being out of the office for a week or incurring travel costs.

Class starts July 23rd and will meet over 10 Tuesday evenings running from 6:30-8:30PM.  Full schedule and details are available at https://www.sans.org/event/32987.

Tuition is $3077 if you register by June 25th, using Discount Code DRIVE13.

Some of what you will learn includes:

  • The tactics used by computer attackers
  • The latest attack vectors and how to stop them
  • Proactive and reactive defenses for each stage of an attack
  • Strategies and tools for detecting each type of attack
  • Attacks and defenses for Windows, Unix, switches, routers and other systems
  • Application-level vulnerabilities, attacks, and defenses
  • How to develop an incident handling process and prepare a team for battle
  • Legal issues in incident handling
  • How to recover from computer attacks and restore systems for business

When registering, it would be a great help to me if you would enter “MENTOR RECRUIT” in the Comments section of the registration.

Thanks, and I look forward to seeing some familiar faces in July.

Shortage of InfoSec pros noticed, but how many do we need?

This story caught my eye a few weeks ago and I sort of brushed it off as a standard story of how the US is doomed unless we keep up with the programs of other nations who apparently have people far better at penetrating systems than we ever will, and the only way to keep up is to pump tens of thousands of people through training. I tend to dismiss these stories because although they often have a grain of truth to them, there’s usually more going on than people understand.

Before I get into this, I want you to understand that I am not disagreeing with the need for more InfoSec pros and definitely the need for better training. We see the need for it all the time when we see breaches happening that should never have happened. Sure, there are going to be those that happen because someone found a serious 0-day and slipped in before anyone knew it was a problem. But most of the time, probably closer to 99% of the time, these things happen not because of a new attack but because the existing infrastructure wasn’t protected properly against current attacks. Continue reading “Shortage of InfoSec pros noticed, but how many do we need?”