Update to the update of the update – SEC504 Class News

SANS SEC504 - Acting as a Mentor for the SANS SEC504 class

Source:  SANS Mentor SEC504 Session and SANS Mentor Page and SANS 504 Flyer

Alright, I’ll stop with all the updates. . . Maybe (although, I may have some other updates, soon to follow).

But I do have an immediate piece of news I’m going to release. I’m changing the dates/times of the SEC504 Class that I’m teaching for SANS.

So, here it is. I’m going to be teaching the course on a Friday, as opposed to the originally planned Thursday. The course will now officially be: Fri Feb 26 – Fri Apr 29, 2016

Please check out the new course details at the SANS Mentor SEC504 Session.

What has me most excited, is the format of the class, and the whole Mentor program. The mentor program is great for students who prefer or are forced to study on their own, as opposed to sitting in a 5-day class. How the class format works, is students are responsible for studying the material, and the class meets once a week for a group session of studying, or answering questions.  I am available to students for over 10 weeks, to assist in studying, and answering questions.  I see this as a huge positive, as many of us in the industry are, we are self-learners, and we have taught ourselves to learn on our own. The SANS Mentor program, is a perfect example on learning on your own, and moving at a decently rapid pace.

I am extremely excited to get the opportunity to work with SANS, on this fun and exciting course. It has been my favorite SANS course I’ve attended, and it will be exciting to get to mentor future students in the class and help them on their way to become a SANS GIAC Certified Incident Handler (GCIH).

From the GCIH information page:

Incident handlers manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. The GCIH certification focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques:

  • The steps of the incident handling process
  • Detecting malicious applications and network activity
  • Common attack techniques that compromise hosts
  • Detecting and analyzing system and network vulnerabilities
  • Continuous process improvement by discovering the root causes of incidents


From the SANS SEC504 page:

The Internet is full of powerful hacking tools and bad guys using them extensively. If your organization has an Internet connection or one or two disgruntled employees (and whose doesn’t!), your computer systems will get attacked. From the five, ten, or even one hundred daily probes against your Internet infrastructure to the malicious insider slowly creeping through your most vital information assets, attackers are targeting your systems with increasing viciousness and stealth. As defenders, it is essential we understand these hacking tools and techniques.

By helping you understand attackers’ tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, this course helps you turn the tables on computer attackers. It addresses the latest cutting-edge insidious attack vectors, the “oldie-but-goodie” attacks that are still prevalent, and everything in between. Instead of merely teaching a few hack attack tricks, this course provides a time-tested, step-by-step process for responding to computer incidents, and a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them. In addition, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence. Finally, students will participate in a hands-on workshop that focuses on scanning for, exploiting, and defending systems. It will enable you to discover the holes in your system before the bad guys do!

The course is particularly well-suited to individuals who lead or are a part of an incident handling team. General security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.