Author biography

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GISP, GCED), is a senior SANS instructor and CTO of Backshore Communications, which provides information warfare, hunt teaming, penetration testing, incident handling, and intrusion detection consulting services. He started his professional career in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and health care, in positions ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He is lead author of MGT414: SANS Training Program for CISSP® Certification, and coauthor of both SANS SEC511: Continuous Monitoring and Security Operations and SANS SEC542: Web App Penetration Testing and Ethical Hacking. He graduated from the SANS Technology Institute with a master of science degree in information security engineering, and he earned his bachelor of arts in English from Bridgewater State College. He lives in Peaks Island, Maine, with his family, Melissa, Eric, and Emma. His website is http://ericconrad.com.

Joshua Feldman (CISSP) is a vice president at Moody’s, a bond ratings agency critical to the security, health, and welfare of the global commerce sector. He drives M&A, security architecture, design, and integration efforts for IT Risk and InfoSec. Before taking on this promotion, Feldman was the Enterprise Security Architect for Corning, Inc., where he helped to deliver numerous security transformations for Corning and was a key team member focused on maturing the security function. From 2002 to 2012, he worked as the technical director of a US DoD cybersecurity services contract. Supporting the DoD, he helped create the current standard used for assessing cyberthreats and analyzing potential adversaries for impact. During his tenure, he supported many DoD organizations including the Office of the Secretary of Defense, DISA, and the Combatant Commands. He got his start in the cybersecurity field when he left his high school science teaching position in 1997 and began working for Network Flight Recorder (NFR, Inc.), a small Washington, DC-based startup, making the first generation of network intrusion detection systems (NIDS). He earned a master of science in cyber operations from National Defense University and a bachelor of science degree from the University of Maryland. He currently resides in New York, with his two dogs, Jacky and Lily.

Seth Misenar (CISSP, GIAC GSE, GSEC, GPPA, GCIA, GCIH, GCWN, GCFA, GWAPT, GPEN) is a cybersecurity expert who serves as a senior instructor with the SANS Institute and as a principal consultant at Context Security, LLC. He is numbered among the few security experts worldwide to have achieved the GIAC GSE (#28) credential. He teaches a variety of cybersecurity courses for the SANS Institute including two very popular courses for which he is lead author: the bestselling SEC511: Continuous Monitoring and Security Operations and SEC542: Web Application Penetration Testing and Ethical Hacking. He also serves as coauthor for MGT414: SANS Training Program for CISSP® Certification. His background includes security research, intrusion analysis, incident response, security architecture design, and network and web application penetration testing. He has previously served as a security consultant for Fortune 100 companies and as the HIPAA security officer for a state government agency. He has a bachelor of science degree in philosophy from Millsaps College and resides in Jackson, Mississippi, with his wife, Rachel, and children, Jude, Hazel, and Shepherd.

Bryan Simon, CISSP is an internationally recognized expert in cybersecurity and has been working in the information technology and security field since 1991. Over the course of his career, Bryan has held various technical and managerial positions in the education, environmental, accounting, and financial services sectors. Bryan speaks on a regular basis at international conferences and with the press on matters of cybersecurity. He has instructed individuals from organizations such as the FBI, NATO, and the UN in matters of cybersecurity, on three continents. Bryan has specialized expertise in defensive and offensive capabilities. He has received recognition for his work in IT Security and was most recently profiled by McAfee (part of Intel Security) as an IT Hero. Bryan holds 11 GIAC Certifications including GSEC, GCWN, GCIH, GCFA, GPEN, GWAPT, GAWN, GISP, GCIA, GCED, and GCUX. Bryan’s scholastic achievements have resulted in the honor of him sitting as a current member of the Advisory Board for the SANS Institute and his acceptance into the prestigious SANS Cyber Guardian program. Bryan is a SANS Certified Instructor for SEC401: Security Essentials Bootcamp Style, SEC501: Advanced Security Essentials - Enterprise Defender, SEC505: Securing Windows with PowerShell and the Critical Security Controls, and SEC511: Continuous Monitoring and Security Operations.

Bryan dedicates this book to his little boy, Jesse. Daddy loves you!!!