SANS SEC 504

Last week I found myself among over a thousand nerds and geeks learning the latest techniques to defend a network — yes, it must be a SANS conference.  This year I decided to take SEC 504 – Hacker Techniques, Exploits & Incident Handling to better understand the latest attack methodologies and how best to defend against them.  I learned a great deal from my first SANS class, SEC 503 – Intrusion Detection In-Depth, so I was very much looking forward to this one and was not disappointed.

My instructor, John Strand, was awesome.  Sharp, knowledgeable, and thoroughly engaging, he was one of the best instructors I’ve had.  He introduced us to a vast array of computer security tools and configurations to better defend our networks with and I’m really excited to start implementing them in my own corporate network.  But what I appreciated the most were the “war stories” from his years of experience performing penetration tests, incident response, and computer forensics.  By connecting the theories of the class with real world stories, he brought the material to life and showed just how critical information security is in today’s world.  He also never hesitated to go beyond the stated curriculum to answer a question or show us a new tool or technique that he felt would be valuable to us.

For anyone who’s never taken a SANS class or is interested in taking one, I highly recommend SEC 504 with John Strand.  Now onto studying for the GIAC Certified Incident Handler (GCIH) certification!

Related Posts

Elastic Explained: How To Create a Cluster with Docker Compose

Elastic Explained: How To Create a Cluster with Docker Compose

Overview In this guide we'll walkthrough setting up and running an externally accessible three-node Elastic cluster using Docker Compose on Ubuntu Linux 22.04 that's suitable for a home lab or developer / test environment. Our Elastic deployment will include the...

Zeekurity Zen – Part IX: How To Update Zeek

Zeekurity Zen – Part IX: How To Update Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Elastic Explained: How To Guides For The Elastic Stack

Elastic Explained: How To Guides For The Elastic Stack

Elastic develops the popular log analytics platform, the Elastic Stack, which supports a variety of search, observability, and security use cases through its many out of the box integrations.  It's a great platform for collecting, analyzing, and visualizing data from...

Transform Your Business & Operate at Peak Efficiency