Erik Van Buggenhout
Senior InstructorCo-Founder & Partner at NVISO
Specialities
Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC699: Advanced Purple Teaming - Adversary Emulation & Detection Engineering
SEC699Offensive Operations
- 5 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 29 Hours of hands-on instruction
SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses
SEC599Offensive Operations
- GIAC Defending Advanced Threats (GDAT)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 25 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 7
Tech Tuesday Workshop – Building Out a Hands-On Purple Team Stack, Part 2
As a follow-up of our previous workshop, we will continue building our purple team stack by emulating a number of different techniques and looking at different options for detection. In this particular workshop we will focus on the following topics:Stealing Credentials from LSASSCOM Object HijackingOffice Persistence We will introduce the topics using a short lecture and afterwards get our hands dirty with lab exercises! Prerequisites: Familiarity with Linux and Windows is mandatory System Requirements: Prior to the workshop participants should prepare the following -Download and install the workshop VM: https://sansurl.com/purple-team-stack-workshop-vmInstalled 64-bit host operating systems (Windows is recommended)Download and install VM Workstation Pro 15.5 or higher, VMware Fusion 11.5 or higher, or VMware Workstation Player 15.5 or higher versions on your system prior to the start of the workshopAdobe Acrobat or other PDF readerImportant! An AWS account is required to do hands-on exercises during the workshop. The AWS account must be created prior to the workshop.A credit card should be linked to the AWS account that was created. Estimated usage costs for the AWS account during the workshop are a maximum of $10. For detailed instructions on these preparation steps, please refer to the following URL: https://sansurl.com/purple-team-stack-workshop-readme * Please note that this WILL NOT be recorded. Due to the nature of these workshops, many have a capacity limit and will not be made available for archive. To help us offer this opportunity to as many people as possible, we are asking that you please only register if you plan to attend live.
WebinarCyber Defense
- 6 Apr 2021
- 10:00 UTC
- Erik Van Buggenhout & Jean-François Maes
- Slide 2 of 7
Purple Team Interactive Poster Walkthrough
Join SANS Purple Team courses author and Senior Instructor, Erik Van Buggenhout, and SANS Purple Team Ambassador and Principal Instructor, Jorge Orchilles, as they walk you through the new, innovative, and interactive Purple Team Poster.
WebinarCyber Defense
- 6 Jun 2022
- 11:00 UTC
- Jorge Orchilles & Erik Van Buggenhout
- Slide 3 of 7
The Always-On Purple Team: An Automated CI/CD for Detection Engineering
Join Stephen Sims and Erik Van Buggenhout as they present, "The Always- On Purple Team: An Automated CI/CD for Detection Engineering", which they previously introduced at RSA Conference 2024. During this webcast, they will share tips on building the always-on purple team!
WebinarOffensive Operations
- 3 Sep 2024
- 12:00 UTC
- Stephen Sims & Erik Van Buggenhout
- Slide 4 of 7
Updates to our Advanced Purple Team class - SEC699
We are excited to invite you to an exclusive webcast where we'll unveil the latest updates to the SEC699 SANS Purple Teaming course. This session will provide an in-depth look at the enhancements we've made to ensure that our course remains at the forefront of cybersecurity training.
WebinarOffensive Operations
- 23 Sep 2024
- 11:00 UTC
- Stephen Sims & Erik Van Buggenhout
- Slide 5 of 7
To Phish or Not to Phish: Understanding Modern Attacks and Defenses
What? A webcast in 2025 about phishing...haven’t we sorted that stuff yet? Almost! :)
WebinarOffensive Operations- 27 Feb 2025
- 12:00 UTC
- Erik Van Buggenhout & Brian Almond
- Slide 6 of 7
From Playbooks to Robocop: The Evolution of SOC Automation
The landscape of Security Operations is changing rapidly, and automation is leading the charge. In the second episode of the “Purple Team Power Hour”, we’ll explore how security teams are moving beyond static, pre-built playbooks toward dynamic, AI-driven solutions that can adapt to evolving threats in real time.
WebinarOffensive Operations
- 27 Mar 2025
- 12:00 UTC
- Erik Van Buggenhout & Wouter Stinkens
- Slide 7 of 7
Continuous Penetration Testing: Rethinking Offensive Security in an Ever-Changing Threat Landscape
Annual penetration testing is no longer enough to keep pace with modern threats.
WebinarOffensive Operations- 3 Apr 2025
- 11:00 UTC
- Stephen Sims, Chris Dale, Joshua Wright + 1 more