SANS Secure Europe training

Gareth Dance is the Manager EMEA for the SANS Institute. In this interview he discusses the SANS Secure Europe Amsterdam 2011 training event and offers insight into what exactly you can expect if you decide to expand your information security knowledge this May.

SANS Secure Europe Amsterdam 2011 is a huge security training event. What courses do you offer this year? How do you choose what courses to present?
Yes, SANS Secure Europe is the second biggest SANS event in the EMEA region, we are really pleased to be bringing it back to Amsterdam for what is sure to be another great year. This year we will be offering 8 classes over two consecutive weeks, in the first week we will be running:

SEC401: SANS Security Essentials Bootcamp Style

SEC540: VoIP Security

SEC560: Network Penetration Testing and Ethical Hacking

FOR558: Advanced Computer Forensics Analysis and Incident Response

Followed by, in week 2:

AUD507: Auditing Networks, Perimeters and Systems

SEC617: Wireless Ethical Hacking, Penetration Testing and Defences

SEC660: Advanced Penetration Testing, Exploits and Ethical Hacking FOR558: Network Forensics

Picking the right courses for any event is always a challenge, we have such a wide array of great courses to select from, but we always try our absolute best to meet the needs of the students, this year for example, we are running the always popular and high demand classes such as SEC401 and SEC560, but we are also giving people the chance to attend classes that we might not run in the region very often, such as SEC540 or SEC617, and of course after great debuts in London last winter we had to bring back our new classes FOR558 and SEC660.

Another fantastic opportunity offered by Amsterdam running over 2 weeks is that we can include classes that logically follow on from one and other so students can register for the both of them at the same event and really maximize their learning experience, for example SEC560 can be followed up with SEC660 or FOR508 by FOR558.

How would you introduce the training event to someone who hasn’t attended SANS training before?
I think that the first thing to remember is that SANS events aren’t just training events, it is more about the whole experience. We offer the worlds best Information Security training courses, but we make sure that these aren’t just delivered by an instructor who is reading notes and doesn’t really understand the material. All of our instructors are real world practitioners in this field, they live and breath the InfoSec world on a daily basis, and so when they stand up there in front of a class of students they aren’t just instructors, as well as teaching the course material they are always happy to impart their experiences and knowledge that they have gained from being out there on the front-line. We always get positive feedback from students on how they love the “war stories” that they hear in class, not only learning course material, but then hearing about real-life experiences where this knowledge has been applied.

We always strive to keep our classes hands on and technical as well, you will be issued with the tools and shown how to use them so that you know that as soon as the class is over you can go back to your workplace and put these lessons into practice.

Of course on top of all this you have to take into consideration that during these events you will be surrounded by a group of likeminded individuals and the relaxed and friendly atmosphere of SANS events gives you great networking opportunities as well.

Who are the instructors? How are they chosen?
We have a great group of instructors with us this year, in week one we have Jim Herbeck and Paul Henry and week two will see James Tarala and Steve Armstrong, and not forgetting Stephen Sims and Jess Garcia who will be with us for the full two weeks. Let me give you a little background on our instructors.

Jim Herbeck, CISSP, is a managing partner and principal consultant at NOUVEL Strategies, an information risk and security management company based in Geneva, Switzerland. Jim has spent over 20 years working with information systems in commercial, government, academic, and research environments, both in the US and Europe.

Paul Henry is one of the world’s foremost global information security and computer forensic experts, with more than 20 years experience managing security initiatives for Global 2000 enterprises and government organizations worldwide. He is currently the Lead Forensic Analyst and President of Forensics & Recovery LLC. Henry is a frequently cited by major and trade print publications as an expert in computer forensics as well as both technical security topics and general security trends, and serves as an expert commentator for network broadcast outlets such as FOX, NBC, CNN and CNBC.

James Tarala is a principal consultant with Enclave Security. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often times performs independent security audits and assists internal audit groups to develop their internal audit programs.

Prior to heading up technical security consulting at Logically Secure, Steve Armstrong spent over 17 years working for the UK government and was widely considered one of their most experienced IT security professionals. Whilst head of an MOD penetration testing department, he combined IT security with military policing, leading several multi-disciplined teams on overseas wireless network discovery operations.

Jess Garcia, founder of One eSecurity, is a Senior Security Engineer with over 15 years of experience in Information Security. During the last 5 years Jess has worked in highly sensitive projects in Europe, USA, Latin America and the Middle East with top global customers in sectors such as financial & insurance, corporate, media, health, communications, law firms or government, in areas such as Incident Response & Computer Forensics, Malware Analysis, Security Architecture Design and Review, etc.

And last but not least Stephen Sims is an industry expert with over 15 years of experience in information technology and security. Stephen currently works at Wells Fargo in San Francisco as a security architect. He has spent several years performing exploit development and reverse engineering.

We always look for the absolute best instructors available to us to teach the classes that we are running at the time. Instructors will only ever teach classes that they are completely comfortable with and know the content material inside and out to ensure that they are best suited to answer any questions and queries that might be posed.

In general, how is the training organized? What can first-timers look forward to?
Once the student has registered on the Monday morning then they can go and enjoy a coffee and get to meet some of their fellow students, as well as finding their classroom. The class for the course will remain the same throughout the week and so students don’t have to worry about moving around. The course books will be waiting on their seats and so after registration there is nothing left to do but drop off your things in the class and relax until the class starts.

Given that SANS classes usually cover 6 days we want to make sure that everyone is as comfortable as possible. As well as there being SANS staff on hand to deal with anything at all that someone may require help with, each of our classes will also have one of our facilitators who will make themselves known to you on the first day, once again If there are any issues then they will be more than happy to help, or if they aren’t sure then they will come to us. Student satisfaction is paramount to us, if there is anything that you aren’t happy with, regardless of how insignificant it may seem please let us know and we will do our best to put it right.

As I mentioned earlier SANS training isn’t just a training course, its an experience, we have students attend year after year, not just because of the courses offered, but because they love the atmosphere of the event as a whole.

How many attendees do you expect? What networking opportunities are available in the evening after the courses are over?
We are hoping for over 100 students each week in Amsterdam, we are still in the process of arranging the extra curricular activities but we are hoping to include some talks from the instructors to add event more learning to an already crammed schedule! In addition to this there will also be informal community nights where students will be able to meet and socialize with fellow students from the other classes as well as instructors and organizers. There are also the networking opportunities available through the day as well, all classes are scheduled to break at the same times through the day and so students will be able to get to know each other over coffee or lunch as well.

For more information about SANS training in Amsterdam go here.