John Strand currently is a Senior Security Researcher with his company Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. He also teaches the SANS 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing" classes as a Certified SANS Instructor.
John started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. He then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. John is also a contributing author to Nagios 3 Enterprise Network Monitoring. He has a Masters degree from Denver University, and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.
Do you have a question for our experts?
Contributions from John Strand, featured expert
- What is the best way to conduct a rootkit-specific risk assessment?
- Can virtualized applications interact without permission?
- What is the best way to manually test for buffer overflows?
- Does the iPhone SDK effectively increase the risk iPhones pose?
- Does widget malware on social networking sites threaten enterprises?
- Will the CERT security incident-response project benefit infosec pros?
- How can an enterprise-wide network prevent denial-of-service attacks?
- Can "good" botnets fight bad botnets?