Training
Over the past several years I’ve been blessed with the opportunity to teach employees of some of the largest and broadest reaching organizations in the world. This includes government, public, and private sector organizations to include several Fortune 500 companies. If your company or organization would like to increase their effectiveness and competency in the areas of packet analysis or intrusion detection, I’d love to help.
Courses:
Practical Packet Analysis
Based upon my best selling book, Practical Packet Analysis, this course aims to provide students with the practical knowledge they need to capture and interpret packets in order to more effectively diagnose, troubleshoot, and solve network problems. This course assumes no prior packet analysis knowledge and starts with the basics of network communication. Once that fundamental knowledge is in place, we quickly move to hands on coursework using Wireshark as our packet analyzer of choice. This includes hands on exercises centered on sniffer placement, troubleshooting general network problems, diagnosing slow networks and identify high latency, wireless packet capture and analysis, and packet level analysis as a function of network security. At the end of this course a student should be fully equipped to use Wireshark to more quickly solve problems on their network.
Applied Network Security Monitoring
This hands-on course is primarily designed for those working in a security operations center (SOC) or intrusion detection environment and focuses on the tools, tactics, and procedures required to perform intrusion detection and analysis in an effective manner. This three-part course begins with a fundamental in-depth breakdown of the TCP/IP protocol suite from a security perspective that even seasoned networking professionals will receive a benefit from. Once this objective is achieved, the focus of the course turns towards effective use of various intrusion detection and analysis tools including Tcpdump, Wireshark, Snort, and SiLK. The final portion of the course is entirely devoted to practical examples where we actually replay packet data into a an intrusion detection system and use the data sources we have available to find out the scope and validity of the generated alerts.
Custom Training
In the event that neither of my two standard courses meet your needs, I’d be glad to work with your organization to create a custom curriculum.
Corporate Training Program Development
In certain organizations it may be of greater benefit to develop and in-house training program rather than relying on periodic individual training sessions. I’ve had the pleasure of creating and managing training programs for a variety of clients and provide consulting to that affect.
Testimonials
“The training was very effective. Everyone was really excited about what they had learned, and some stated that they couldn’t wait to get back to the office so they could start sniffing packets and baselining their networks.”
- B. Redden, Packet Analysis Training Student, Gerdau Ameristeel
“Chris Sanders brought a personal feel to the course. He is extremely informative and addresses all of the questions at the appropriate level. He is incredibly knowledgeable and has a knack for breaking complex topics down into understandable components.”
- R. Clark, SANS Mentor Student, NSS Plus, Inc.
“Chris’s presentation was a breath of fresh air. No vendor advertisements, no fluff, just some really cool things broken down in a manner that everyone can understand. I’ll be able to take the information he presented and put it to work in my SOC immediately.”
- GFIRST 2011 Presentation Attendee
Contact
If you are interested in training for your organization, please contact me directly via e-mail at chris@chrissanders.org, or phone at (270)-705-5226.
