Andrew Hay

I’m pleased to announce that I will be teaching SANS Security 504: Hacker Techniques, Exploits & Incident Handling at Community SANS Ottawa 2010 on Monday, March 22, 2010 through Saturday, March 27, 2010 and at Community SANS Regina Saskatchewan 2010 on May 10, 2010 through Saturday, May 15, 2010.

By helping you understand attackers’ tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, the in-depth information in this course helps you turn the tables on computer attackers. This course addresses the latest cutting-edge insidious attack vectors and the “oldie-but-goodie” attacks that are still so prevalent, and everything in between. Instead of merely teaching a few hack attack tricks, this course includes a time-tested, step-by-step process for responding to computer incidents; a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them; and a hands-on workshop for discovering holes before the bad guys do. Additionally, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence.

This challenging course is particularly well suited to individuals who lead or are a part of an incident handling team. Furthermore, general security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

Don’t miss this unique and challenging training opportunity. Sign up for the Community SANS Ottawa 2010 and/or the Community SANS Regina Saskatchewan 2010 today!

So You Want to Write a Security Book, Eh?
- Andrew Hay
- Friday, September 18 * 8:00pm – 9:00pm

Have you ever thought about writing a security book, but were not sure where to start? What kind of book should you write? How do you get a publisher? What can you expect to make off your book?

Join Andrew Hay, author of the OSSEC Host-based Intrusion Detection Guide, Nagios 3 Enterprise Network Monitoring, and the Nokia Firewall, VPN, and IPSO Configuration Guide, to learn the pros and cons of being a security author and to learn if you’ve got what it takes to write the next great security book.

Full details here: http://www.sans.org/ns2009/night.php

The Academy (http://www.theacademy.ca) officially launches its web site today providing instructional videos for the information security community. For the first time ever, the average user to the most seasoned industry expert will be able to watch instructional videos on how to install popular products, address common configuration issues, and troubleshoot difficult problems. The Academy is a user driven community and videos are created at the request of its members. Vendors can also leverage the site to showcase the features and capabilities of their products. The Academy is an ideal place to find and share knowledge with others practicing or interested in the information security field.

Yours truly will be contributing as many log related videos as possible so that people understand how to properly make those crazy blinking boxes they have in their racks send logs.

Join Andrew Hay for the SANS@Home SEC401R review/preparation session for the GIAC Security Essentials certification exams. This six session review course will allow GSEC candidates to prepare to pass the GSEC exam. Each session focuses on a particular book of the Security 401: SANS Security Essentials material. Class format is to review GSEC practice exam questions and answers to make sure that students understand the material covered in each book.

Covering Exam 1
Thursday, February 21th, 2008 – Book 401.1, Day 1
Thursday, February 28th, 2008 – Book 401.2, Day 2
Thursday, March 6th, 2008 – Book 401.3, Day 3

Covering Exam 2
Thursday, March 13th 29th, 2008 – Book 401.4, Day 4
Thursday, March 20th, 2008 – Book 401.5, Day 5
Thursday, March 27th, 2008 – Book 401.6, Day 6

Looks like I’ll be making the trip to SANS Network Security 2007 to present a Q1 Labs sponsored lunch & learn on Thursday, September 27th in LAS VEGAS, NEVADA!

The topic of the lunch & learn is Enterprise Log Management for Incident Handlers. Email me if you’d like more information on the lunch & learn abstract.

For more information on the conference please see the following link: http://www.sans.org/ns2007/
For more details on the lunch & learn please keep checking here: http://www.sans.org/ns2007/vendor.php

I hope to see some of my readers and colleagues there. Drop me a line and let me know if you’ll be attending.