Inside SANS London 2012

Matt Anderson is the Director, EMEA at SANS Institute. In this interview he talks about SANS London 2012, Europe’s biggest and most important information security training event.

SANS London 2012 is a huge security training event. What courses do you offer this year? How do you choose what courses to present?
It’s actually the largest security training event outside of the States and is already filling up fast. We try to include all of the most popular SANS courses whilst ensuring any new security challenges are covered as well. Our Security Essentials class is always hugely popular, but there are various specific courses covering pen testing, incident response, auditing, forensics and more. We’ve introduced two new courses as well this year – “mobile device security and ethical hacking’ and “advanced web app penetration testing and ethical hacking”.

The courses are developed through a consensus process involving hundreds of administrators, security managers and information security professionals. In short we try to ensure that the London event has the widest possible range of SANS training courses and then we run other more focused training events elsewhere across Europe, Middle East and Africa.

The full line up for SANS London this year is:

  • SEC579: Virtualization and Private Cloud Security with Dave Shackleford
  • SEC401: Security Essentials Bootcamp Style with Dr. Eric Cole
  • SEC501: Advanced Security Essentials with Eric Conrad
  • SEC503: Intrusion Detection In-Depth with Jess Garcia
  • SEC504: Hacker Techniques, Exploits & Incident Handling with Steve Armstrong
  • SEC546: IPv6 Essentials with Dave Shackleford
  • SEC560: Network Penetration Testing and Ethical Hacking with Bryce Galbraith
  • SEC566: Implementing and Auditing the Twenty Critical Security Controls – In-Depth with James Tarala
  • SEC575: Mobile Device Security and Ethical Hacking with Raul Siles
  • SEC642: Advanced Web App Penetration Testing and Ethical Hacking with Justin Searle
  • SEC660: Advanced Penetration Testing, Exploits, and Ethical Hacking with Stephen Sims
  • SEC710: Advanced Exploit Development with James Shewmaker
  • FOR558: Network Forensics with George Bakos
  • MGT433: Securing The Human: Building and Deploying an Effective Security Awareness Program
  • AUD507: Auditing Networks, Perimeters, and Systems with David Hoelzer.

How would you introduce the training event to someone who hasn’t attended SANS training before?
Well for a start there’s really no comparison to anything they would have experienced previously. The training is very intensive and hands-on as it’s all about teaching real practical skills and techniques that can be used straight away – literally as soon as you get back to the office.

The instructors are incredibly knowledgeable, thorough and know how to hold an audience – right through 6 days of intensive training. Every student works with through hands on labs and has a full set of study books and we ensure that the classes are held in a great learning environment.

Who are the instructors? How are they chosen?
We have the best instructors in the industry. Guys like Dr. Eric Cole, Stephen Sims and Steve Armstrong to name but a few. They are real experts and practitioners who are out there fighting the same battles as our students and discovering new ways to thwart attacks. They have to go through a really rigorous process to make it to SANS instructor.

Hundreds apply every year to be a SANS Institute instructor and only a tiny percentage make it through. Our standards are incredibly high. And of course every course is evaluated by the students. The instructors have to score really well every time – and of course, they do.

In general, how is the training organized? What can first-timers look forward to?
It’s class room format, as I said before everybody has a laptop and a pile of books. Then the instructor is let loose at the front of the room and as someone once said it can be kind of like drinking from a fire hose on full blast! Seriously, it’s a fantastic set up and the students love it. The courses tend to run for 6 days, from 9am to 5pm so a level of commitment to learning is required.

Mind you, we do have some fun and everybody enjoys socialising around the training too. It’s important to be able to relax at the end of an intense training day and also take the opportunity to chat with the instructors and the hundreds of other info sec professionals who attend from all over the world.

How many attendees do you expect? What networking opportunities are available in the evening after the courses are over?
Last year we had over 400 and we expect to surpass that number this year. We’ve moved to a new central London location, the Grand Connaught Rooms and Hotel Russel right in the heart of theatreland on the edge of Covent Garden – and that’s proving attractive. As for networking, well it’s one big networking opportunity of course with breaks and lunch being laid on and plenty of opportunities to catch up with contacts old and new. We do also put on some interesting and fun social events too. From NetWars to evening talks to quiz nights. And dare I say it, we’ve even hired the pub across the road for a few of the evening events – so we really are offering the perfect balance of learning and socializing!