About the Authors

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GISP, GCED), is a Senior SANS instructor and CTO of Backshore Communications, which provides information warfare, hunt teaming, penetration testing, incident handling, and intrusion detection consulting services. Eric started his professional career in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and healthcare, in positions ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He is lead author of MGT414: SANS Training Program for CISSP® Certification, and co-author of SANS SEC511: Continuous Monitoring and Security Operations and SANS SEC542: Web App Penetration Testing and Ethical Hacking. Eric graduated from the SANS Technology Institute with a Master of Science degree in Information Security Engineering. He earned his Bachelor of Arts in English from Bridgewater State College. Eric lives in Peaks Island, Maine, with his family, Melissa, Eric, and Emma. His website is http://ericconrad.com.

Seth Misenar (CISSP, GIAC GSE, GSEC, GPPA, GCIA, GCIH, GCWN, GCFA, GWAPT, GPEN) is a Cyber Security Expert who serves as Senior Instructor with the SANS Institute and Principal Consultant at Context Security, LLC. He is numbered among the few security experts worldwide to have achieved the GIAC GSE (#28) credential. Seth teaches a variety of cyber security courses for the SANS Institute including two very popular courses for which he is lead author: the bestselling SEC511: Continuous Monitoring and Security Operations and SEC542: Web Application Penetration Testing and Ethical Hacking. He also serves as co-author for MGT414: SANS Training Program for CISSP® Certification. Seth’s background includes security research, intrusion analysis, incident response, security architecture design, network and web application penetration testing. He has previously served as a security consultant for Fortune 100 companies, as well as, the HIPAA Security Officer for a state government agency. Seth has a Bachelor of Science degree in Philosophy from Millsaps College and resides in Jackson, Mississippi with his wife, Rachel, and children, Jude, Hazel, and Shepherd.

Joshua Feldman (CISSP) is a Vice President at the Moody’s Corporation – a bond ratings agency critical to the security, health and welfare of the global commerce sector. He drives M&A, security architecture, design, and integration efforts for IT Risk and InfoSec. Before taking on this promotion, Joshua was the Enterprise Security Architect for Corning, Inc. At Corning, Joshua helped to deliver a slew of security transformations for Corning and was a key team member focused on maturing the security function. From 2002 until 2012, he worked as the Technical Director of a US DoD cyber-security services contract. Supporting the DoD, he helped create the current standard used for assessing cyber threats and analyzing potential adversaries for impact. During his tenure, he supported many DoD organizations including the Office of the Secretary of Defense, DISA, and the Combatant Commands. Joshua got his start in the cyber security field when he left his high school science teaching position in 1997 and began working for Network Flight Recorder (NFR, Inc.), a small Washington, DC based startup making the first generation of Network Intrusion Detection Systems. He has a Bachelor’s of Science from the University of Maryland and a Master’s in Cyber Operations from National Defense University. He currently resides in New York, NY with his two dogs, Jacky and Lily.

Bryan Simon (CISSP) is an internationally recognized expert in cybersecurity and has been working in the information technology and security field since 1991. Over the course of his career, Bryan has held various technical and managerial positions in the education, environmental, accounting, and financial services sectors. Bryan speaks on a regular basis at international conferences and with the press on matters of cybersecurity. He has instructed individuals from organizations such as the FBI, NATO, and the UN in matters of cybersecurity, on three continents. Bryan has specialized expertise in defensive and offensive capabilities. He has received recognition for his work in I.T. Security, and was most recently profiled by McAfee (part of Intel Security) as an I.T. Hero. Bryan holds 11 GIAC Certifications including GSEC, GCWN, GCIH, GCFA, GPEN, GWAPT, GAWN, GISP, GCIA, GCED, and GCUX. Bryan’s scholastic achievements have resulted in the honour of sitting as a current member of the Advisory Board for the SANS Institute, and his acceptance into the prestigious SANS Cyber Guardian program. Bryan is a SANS Certified Instructor for SEC401: Security Essentials Bootcamp Style, SEC501: Advanced Security Essentials – Enterprise Defender, SEC505: Securing Windows with Powershell and the Critical Security Controls, and SEC511: Continuous Monitoring and Security Operations. Bryan dedicates this book to his little boy, Jesse. Daddy loves you!