About the Authors
Kevin Mandia
Kevin Mandia is the Director of Computer Forensics at Foundstone, Inc., an Internet security firm. As a special agent, consultant, and instructor, Kevin has amassed a wealth of experience performing incident response and computer forensics.
Prior to joining Foundstone, Kevin was a special agent with the Air Force Office of Special Investigations (AFOSI), where he specialized in investigating computer intrusion cases. After leaving the AFOSI, Kevin developed a two-week computer intrusion response course, specifically designed at the request of the FBI. Kevin taught at the FBI Academy for more than a year, where over 300 FBI agents specializing in computer intrusion cases have attended his courses. The content of the courses was tailored to meet the special needs of law enforcement, intelligence officers, and individuals who must understand the way computer networks operate and the methods attackers use to exploit networks. Kevin has also provided computer intrusion and forensic training courses to other customers, including the State Department, the Royal Canadian Mounted Police, the CIA, NASA, Prudential, several international banks, and the United States Air Force.
At Foundstone, Kevin leads a team of computer forensic specialists who have responded to more than 50 computer security incidents at e-commerce, financial service, and health care organizations in the past two years. These incidents range from organized crime pilfering millions of dollars’ worth of merchandise to responding to theft of intellectual property.
Kevin holds a B.S. degree in computer science from Lafayette College and an M.S. degree in Forensic Science from George Washington University. He is a Certified Information Systems Security Professional (CISSP), and he teaches a graduate-level class on incident response at Carnegie Mellon University.
Chris Prosise
Chris Prosise is Vice President of Professional Services for Foundstone, Inc. He co-founded the company and launched Foundstone’s international professional services practice. This expanding practice enables companies ranging from early-stage startups to the largest Global 500 corporations to develop a strong, long-term security foundation tailored to their unique business needs.
Chris has extensive experience in security consulting and incident response. An adjunct professor at Carnegie Mellon University, he teaches graduate students the latest techniques in computer security and serves as a faculty advisor. Chris is a featured speaker at conferences such as Networld+Interop, Infragard, LegalTech, and the Forum of Incident Response and Security Teams (FIRST), but prefers nurturing trees and wildlife on his farm in Virginia.
Chris began his information security career as an active duty officer at the Air Force Information Warfare Center, where he led incident response and security missions on top-secret government networks. He also developed automated network vulnerability assessment software and coded real-time intrusion detection and denial software. Chris holds a B.S. degree in electrical engineering from Duke University and is a Certified Information Systems Security Professional (CISSP).
About the Contributing Authors
Matt Pepe
Matt Pepe is a Principal Forensics Consultant at Foundstone, Inc. As a forensic analyst and consultant, Matt has performed forensic analysis in more than 100 federal investigations for the Air Force Office of Special Investigations (AFOSI), the FBI, and other government agencies.
Prior to joining Foundstone, Matt was a computer forensic analyst for the AFOSI. He was one of the first non-agent analysts used by the organization, and he contributed to the formation of the U.S. Department of Defense (DoD) Computer Forensics Laboratory. In that position, he reviewed media in a large variety of cases, including unauthorized intrusions, fraud, and counterintelligence matters.
Upon leaving AFOSI, Matt provided technical investigative support to the FBI National Infrastructure Protection Center. Additionally, Matt led a network penetration testing team and contributed to the development of an enterprise intrusion detection system.
At Foundstone, Matt leads incident response and forensic engagements, and conducts research and development for the incident response and forensics practice.
Richard Bejtlich
Richard Bejtlich is a Principal Forensics Consultant at Foundstone, Inc. He performs incident response, digital forensics, security training, and consulting on network security monitoring.
Prior to joining Foundstone, Richard served as senior engineer for managed network security operations at Ball Aerospace & Technologies Corporation. Before that, Richard defended global American information assets as a captain in the Air Force Computer Emergency Response Team (AFCERT). He led the AFCERT’s real-time intrusion detection mission, supervising 60 civilian and military analysts.
Formally trained as a military intelligence officer, Richard holds degrees from Harvard University and the United States Air Force Academy, and he is a Certified Information Systems Security Professional (CISSP). Richard is a contributing author to Hacking Exposed, Fourth Edition and Incident Response & Computer Forensics.
About the Technical Editor
Curtis Rose
Curtis W. Rose is the Director of Investigations & Forensics at Sytex, Inc. Mr. Rose, a former counterintelligence special agent, is a well-recognized forensics and incident response expert. He has provided the U.S. Department of Justice, FBI’s National Infrastructure Protection Center, Air Force Office of Special Investigations, U.S. Army, corporate entities, and state law enforcement with investigative support and training.
Mr. Rose has developed specialized software to identify, monitor, and track computer hackers. In addition, he has written affidavits and testified as an expert in U.S. Federal Court.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.