John Strand has consulted and taught thousands of classes and hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much-loved former SANS instructor and course author. John is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Security Controls frameworks.
In 2008, John founded Black Hills Information Security (BHIS), a pentesting company that strives to understand its clients from a holistic perspective, emphasizing collaboration and education over stunt hacking. Since then, BHIS has grown to become a “tribe of companies” that includes Antisyphon Infosec Training, Active Countermeasures (ACM), Wild West Hackin’ Fest (WWHF), and more!
On-Demand Courses Available from this Instructor
Coming Up: Live Online and In-Person Courses by this Instructor
If no live trainings appear below, please visit our Live Training Calendar for other classes that may interest you.
Active Defense & Cyber Deception w/ John Strand
OnlineIn this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.
SOC Core Skills w/ John Strand
OnlineThis 16-hour information security training course will cover the core security skills all Security Operation Center (SOC) analysts need to have. These are the skills that all Black Hills Information Security (BHIS) SOC team members need to have.
Getting Started in Security with BHIS and MITRE ATT&CK w/ John Strand
OnlineThis 16-hour (4-days, 4-hour sessions) information security training class is designed for people who are new to computer security. We will cover the core fundamentals with lots of hands-on labs demonstrating the attacks and defenses every security professional must know to be successful.
Active Defense & Cyber Deception w/ John Strand
OnlineIn this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.
SOC Core Skills w/ John Strand
OnlineThis 16-hour information security training course will cover the core security skills all Security Operation Center (SOC) analysts need to have. These are the skills that all Black Hills Information Security (BHIS) SOC team members need to have.
Introduction to Pentesting w/ John Strand
In this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!