About

Welcome to my blog! I’m an information security practitioner and researcher originally from Mayfield, Kentucky. Mayfield is a little community nestled between towns called Possum Trot and Monkey’s Eyebrow (seriously). It’s far enough off the grid that you have to take an airplane to Nashville and drive nearly three hours northwest to get there, but it was a great place to grow up. After I grew up there I spent several years in Charleston, SC before I moved met my wife and moved with her to north Georgia where I live now.

The goal of this site is to serve as a repository for all of my research, training, and publications. The goal of all that content is to help others further their careers and better security the data and networks they are responsible for protecting.

My Background

headshotComing from rural western Kentucky there wasn’t a lot of opportunity related to technology when I was younger. I’m the proud son of a sewing machine operator and a trucker and I come from a family where very few graduated high school, and college was unheard of. We were dirt poor, but I was fortunate enough to have strong christian parents that cared about me, along with a few teachers who wanted me to be successful. Because of that, I’m passionate about education and my faith. Without a lot of both I might have been a drop out, ended up struggling to make ends meet, and living paycheck to paycheck as well.

Because I come from a background of limited means, I try to do what I can to humbly inspire others who might find themselves in a similar situation. This is why I write about my experiences, share my story, and share my faith with those who will listen.

If you are interested in learning more about my faith then please consider reading my testimony and how I became a follower of Jesus Christ. You can read it here: http://chrissanders.org/mytestimony/.

I knew from an early age that if I was able to achieve some level of success I wanted to give back to my community and those like it. In 2008 I founded the Rural Technology Fund. The RTF is a 501(c)(3) non-profit organization designed to provide scholarship and learning opportunities to students from rural areas pursuing careers in computer technology. We promote technology advocacy in rural areas through various support programs and have donated thousands in scholarships and equipment across the United States. In 2014 we donated our Raspberry Pi computer lab and in 2015 we starting helping equip “Maker Spaces” across the country with equipment like 3D printers and electronics invention kits.

Personally, I enjoy watching Kentucky basketball and perfecting my craft as a BBQ Pit Master (which some might say is my true passion). I also love to read and enjoy learning about the history of the southern United States. I also try to fish when I can.

My Career

If you’ve made it to my blog then chances are you’ve done so because you’ve read something I’ve written. I’ve written a few books including “Practical Packet Analysis”, which has sold several thousand copies internationally, and “Applied Network Security Monitoring”. Along with this I’ve written and co-written what now seems to be hundreds of articles on the topics of packet analysis, intrusion detection, and general network security and administration. I’ve also done some public speaking on those topics.

My professional background began in systems administration and quickly pivoted to information security. I worked for the Department of Defense in various roles as a security analyst, eventually building and leading teams of analysts. Eventually I left the defense sector and began working in private industry. From there, I worked with great people at InGuardians and Mandiant/FireEye. At that point, I decided it was time to focus completely on serving others through my training and non profit work. It was then I founded Applied Network Defense where I focus on delivering high quality, affordable security training. I’m blessed to work with some of the best and brightest in the business.

While my previous research has been focused on technical aspects of security, in late 2013 I began to turn my focus to cognitive psychology and how it applies to the challenges faced by security practitioners. My hope is that I can use this research to positively impact how security analysts are trained, how security tools are developed, and how investigations are conducted. In 2015 I began a PhD program in psychology where I’m furthering this work in a more formal manner.