... dedicated to the pursuit of making money!


SANS Hacker Techniques, Exploits & Incident Handling (a.k.a. Security 504) Review

February 04, 2007

Training requirements recently required me to take this course so I thought I’d share some of the highlights with all of you. I physically (as opposed to virtually) attended the course in Anaheim, California in one of the Disneyland hotels (SANS is famous for hosting training at top notch vacation destinations).


The course was taught by a savvy instructor named John Strand who did a great job of injecting geek trivia, techie humor, and real life examples in an attempt to keep the attention of his students. The course, (as you might guess from the name) covers a broad range of computer attacks dating from the beginning of computers up to current day. SANS 504 does a nice job of bringing a novice incident handler (or somebody wanting to get into incident response) up to speed by making them aware of the current and historical computer security threats and showing them how to properly defend against them. More experienced security professionals probably won’t be overly impressed, but will still learn new things and should still strongly consider attending (especially if your company will pick up the tab).


My only complaint with the course is that I didn’t think that web application attacks got enough attention. It seemed like we spent more time discussing things like format string attacks. Since attacks like SQL injection and Cross-site scripting are currently a huge problem I think they should probably have their own day (hey somebody has to stand up for the neglected web based attacks). I have a feeling that this will change soon. SANS seems to be constantly modifying the contents of their courses, so I’m sure that with the current attack trends and course feedback info, the course will continue to evolve ;-)


For more information on this course check the SANS website



What the future has in store

You can expect this site to change fairly regularly (probably a least once per week). I will be using it mostly as a way to centrally house my ideas and as a way to test new and/or exciting projects that I happen to be working on. If you'd like to see something on this site or have any sort of feedback please feel free to contact me.