www.giac.org




GIAC Heroes in Action

As in every war throughout history, battles and wars are won because of the hard work and dedication of many 'unsung heroes'. We know that is true in today's cyber warfare battles. As such and with your help, we have decided to begin introducing you to a few of the GIAC Cyber Heroes. Our hope is that we can provide a forum to share some of the great things our GIAC Alumni are doing and to share some best practices within the community.

The GIAC IT Security Certification Hero recognizes GIAC certification holders that have made a substantial improvement in the security in their organization, whose certification has had an impact on their career or has resulted in a contribution to the information security community.

GIAC will announce the Hero in Newsbites and on the GIAC and SANS websites. The hero will receive a free SANS On Demand course and the associated GIAC certification. A grand prize of a free SANS Conference course and its associated GIAC certification will be awarded at the end of each year. If you would like to submit someone you know for GIAC IT Security Certification Hero, you may fill out a nomination form.


GIAC IT Security Certification Hero - Joe Bagdon GSEC, GCIH with IBM

Professional Information:

Joe entered the IT security field in 1992 as a Customer Engineer with IBM. After several years with IBM, Joe decided to join the Air Force. It was here that he really became security conscious. Having to think about security in all aspects of his life, Joe became even more eager to expand his IT security knowledge.

In the Air Force, Joe served as an Intelligence Analyst for the 39th Information Operations Squadron (IOS) at Hurlburt Field in Florida. As Joe's military career progressed, the Air Force learned of his IT Security skills, including his "mad Linux abilities," and asked him to help set up the Undergraduate Network Warfare Training course at Hurlburt. Joe served in the Air Force until May of 2008, when he retired and rejoined IBM as an IT Security Specialist in Boulder, Colorado.

How has Joe's GIAC certification reinforced and affirmed the hands-on knowledge he possesses?

Being involved in curriculum development himself, Joe is a firm believer in the value of hands-on training. Preparing for his GIAC certifications through SANS training and the GIAC Practice Tests led Joe to the realization that hands-on exercises really do help you learn and retain the skills and knowledge you were taught.

What challenge has Joe faced and successfully overcome due to the knowledge his GIAC certification provided?

At the 39th IOS, Joe created and presented the Network Attack Curriculum including DoD presentation and adversary hacker methods. Joe also designed Network Attack scenarios to give the students a thorough understanding of how a network is penetrated. He designed and built a Network Attack Simulator (simulated network for attack training) as well as a stand-alone Network Attack Test Appliance that was created to individually test each student's understanding of the materials covered in the Network Attack block through hands-on scenarios.

This simulator is a laptop that has a network of 4 hosts (including a few vulnerable services) behind a Linux firewall that the student can attack from the host operating system. The student sits down in front of the system and is told what their IP Address is and the address of the network they are to attack. The simulator is built utilizing Linux as the host operating system and VMware (with some additional tweaks so the student can't directly access the internal network without going through the firewall). The simulator is a standalone network in a box. No cat-5 connection needed. Each student can demonstrate the initial penetration into the network, backdoor placement and even a pivot into an adjacent host.

"It was difficult to take a guy who is so used to thinking defensively and teach him to think outside the box, so to speak," says Joe. "It was hard for some of them to be on the offensive side, but it was a real eye-opener when they got it."

Joe was responsible for helping train 320 airmen at the 39th IOS in Network Warfare and Information Warfare before he retired.

Which GIAC certification has contributed to Joe's success in his current position?

"I would have to say that the GCIH certification has helped me out the most in my current position. The training has helped me to rapidly identify gaps in network security, identify systems that have been compromised and assist others in handling the incident that the compromise creates. If it wasn't for the training and certification I received, I wouldn't be so successful today. It's that simple!"

How has Joe's GIAC certification benefitted his current employer?

Joe Bagdon is an outstanding Network Warrior. He was instrumental in the creation of the Air Force's first cyber warfare training course, the Undergraduate Network Warfare Training (UNWT) Course -- an intense 10-week, hands-on experience covering many different network types.

Joe was the senior mission simulator architect and a thought leader for the UNWT. His insight, talent, and contributions have had a tremendous positive impact on our future Air Force Cyber Warriors!

Joe, thanks for all your help in creating the UNWT and congratulations on this award. Well deserved!

Scott R. 'Skip' Runyan, GG-13, DAF
NW Ops Training, CISSP, GSEC
39th Information Operations Squadron

Joe is truly a GIAC IT Security Certification Hero in action!!



GIAC IT Security Certification Hero - Matt Austin GCFW with Symantec Corporation

Professional Information:

Matt has worked in information security for over 10 years. He is currently working onsite as a Senior Security Consultant for Symantec Corporation at a major automotive manufacturer in Michigan. Matt's career in Information Technology began when he got out of the Navy and used the GI Bill tuition assistance to attend a technical college so he could begin an IT career. After completing the technical program, Matt continued on to get his Bachelor's degree and is currently pursuing a Master's in Information Assurance. Matt started his career in desktop/server support, worked his way into Cisco networking, and eventually moved to the security field, where he has been specifically focused on Information Security for the last 6 years. Matt has had the opportunity to work with just about every major firewall product on the market, and has been engaged to help assess which products and solutions would be most suitable for his client.

How has Matt's GIAC certification reinforced and affirmed the hands-on knowledge he possesses?

Matt has contributed greatly to evaluating and testing Layer 2 firewall designs in his organization. This has entailed evaluating and testing multiple highly available Layer 2 firewall pairs, as well as ensuring that best practices and strict policy enforcement are followed. Additionally, he has had the responsibility of teaching junior personnel and project managers how the technology works, as well as providing reports to senior management on the progression of the project itself.

What challenge has Matt recently faced and successfully overcome due to the knowledge his GIAC certification provided?

Matt is in the process of rolling out an in-depth Layer 2 firewall project. This particular project came about as a result of audit requirements that needed to be met by the customer's internal business group. The decision to use Layer 2 firewalls was made to satisfy the needs of both the network group and the security group.

This project comprises 8 Layer 2 firewalls in a tiered infrastructure, designed to protect a 6000-node network. A pair of firewalls is being used to identify what network/server resources are currently in use and to help differentiate legitimate from illegitimate traffic. This information will then be used to build the production firewall rule base to support the newly migrated environment.

Two other firewalls will be used in a development/lab environment for testing new applications while the remaining four will be used in a highly available production network.

The end goal of this project is to gradually move over 6000 nodes behind the production Layer 2 firewalls. The network will be readdressed in the process, so keeping meticulous pre- and post-migration records is vital to the project's success. Many of the services currently utilized are shared between numerous internal business partners (such as LDAP Authentication Servers, Mail, Internet access, etc.). Engaging these teams is critical to ensuring that major business components stay operational during the transition.

Matt's Layer 2 firewall project is rolling out in waves of completion. This helps the team measure the successes of the project in increments and allows for adjustments (if necessary) before the project is in its final stage.

Which GIAC certification has contributed to Matt's success in his current position?

"Many of the SANS courses I have taken, and all of the GIAC certifications I have earned, have prepared me for the challenging tasks I've faced. If I had to highlight one it would be the GIAC Certified Firewall Analyst (GCFW). This certification and the related SANS training (Firewalls, Perimeter Protection & Virtual Private Networks, SEC-502) provided an outstanding overview of firewalls, and also the best practices concerning design, log analysis, packet analyzing, and methods to validate your security posture. These are only a few of the many benefits earning this certification has afforded me."

In addition to the GCFW, Matt holds the following GIAC Certifications: GCIH, GCFA, GSNA, GHTQ, and the Stay Sharp Certificates - SSP-GHD, SSP-DRAP, and GGSC-0400. He is also currently working on his GCFW Gold paper, which discusses the benefits and caveats of deploying Layer 2 firewalls in an organization and will be of great use to others in the security field who are planning to deploy Layer 2 firewalls in their own organizations.

How has Matt's GIAC certification benefitted his current employer?

"I was excited to hear that you were considering Matt for the GIAC Hero. He certainly deserves recognition. Mr. Austin is a hard worker, frequently supporting change management maintenance windows outside of business hours. He attacks problems with zeal and has established a great rapport with his diverse group of teammates. He encourages learning and sharing of information within his team and is always willing to assist others. He developed and presented firewall training for off-site support personnel and has taken it upon himself to revamp the customer's existing firewall training guide. He is friendly and personable and a pleasure to have on the team," Matthew Schie, Manager, Symantec On-Site Program Incident Response Team Leader & Security Architect for Enterprise Information Security Dept.

Matt is truly a GIAC IT Security Certification Hero in action!!

If you would like to submit someone you know for a GIAC Hero, you may fill out a nomination form.
